Package: src:libspring-java Severity: grave Tags: security Justification: user security hole
Hi, CVE-2014-3578 was assigned to a directory traversal in the spring framework, affecting all versions in Debian (fixed in 3.2.0). More information can be found on: - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3578 - http://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000054.html Please include the CVE number in the changelog entry fixing the vulnerability. Regards, -- Yves-Alexis Perez -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (450, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
