Bug#1068463: procyon: Untrusted code execution via cwd in classpath

Package: procyon-decompiler Version: 0.6.0-1 Tags: security Severity: grave In the default configuration, procyon prepends current working directory to the java classpath. This is done in the shell script /usr/bin/procyon, which sets, apparently by mistake, CLASSPATH=$CLASSPATH:..., where $CLASSPA

Bug#1041419: ca-certificates-java: workaround

Package: ca-certificates-java Followup-For: Bug #1041419 X-Debbugs-Cc: foren...@wi.rr.com There are actually 2 of each of these files, differing only in 7+7 and 8+7 openjdk-17-jre_17.0.7+7-1~deb12u1_amd64.deb openjdk-17-jre_17.0.8+7-1~deb12u1_amd64.deb openjdk-17-jre-headless_17.0.7+7-1~deb12

Bug#929685: ca-certificates-java: What is the resolution to this bug

Package: ca-certificates-java Followup-For: Bug #929685 X-Debbugs-Cc: foren...@wi.rr.com What is tyhe resolution to this bug? -- System Information: Debian Release: 12.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: am

Jetty11 in Debian

Hello! May I ask about any plans to integrate Jetty 11 (Jakarta namespaces) into Debian? In our case this seems to be the missing piece preventing us from migrating our software product to Java 17 (which itself is available in Bullseye). Many thanks and happy holidays, Tomas -- Tomas