-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : jython Version : 2.5.2-1+deb7u1 CVE ID : CVE-2016-4000 Debian Bug : 864859
Alvaro Munoz and Christian Schneider discovered that Jython, an implementation of the Python language seamlessly integrated with Java, would execute arbitrary code when deserializing objects. For Debian 7 "Wheezy", these problems have been fixed in version 2.5.2-1+deb7u1. We recommend that you upgrade your jython packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAllGY3FfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeR3MA//YSMdk2Y0O8PsdWAsrQmsMf6oKTmPxOL79pGj16ztuWDNrbwiCRmFsbuE 1uOH48u6h7Csz1f5LeV3ehxyt/Nd7cDoqP87x85iSa3qOpaw25j8Z0qSirA6AxJ1 vMZH/Pyimwgt0Gx33Cn8paTkR6nd3dFSCMUzxZBkf8j25Z3IniE4rX/1uAtscWfx I53iXUNWyiiE2n5lOGjPjhzqg8j2FycumWQ9dJyuJ0RXI2k4hVeQJk/74/2yFmJT kufRjCarJChDXCE8kNF/Fb9h8vhx5E92L+NoSHSGkHHs/jS2CQm+bjDygXYMZlmU WQSu1/scGQIw3yjvPho0yuJmDNkWtwc1ktfJ56mazE48e5kulOelfsPTFJ8jzKG9 K+RtmRk9sSrbSOTjzgcxFZzbbrc2yT2GFSclnWMTorXPz+8JRs8wF15DzAD0aRcR eLKLQR2wVr6p7AD+5pJt703Pl08fWLoXHZPNwQfi1d2Q+dwsc8Q/9GT1+lNKAxPy +WOEgqHw/0IVMFAlLWj+c4H9fyMlVgkjSZo23SJs7h7ObFpHrVUlMZDtaWss3+8d /J5Di54azKHg+9Ds0i61bjEg5uM3iJBvKFDa8mWwkhdv/KNb3tKpB89OvjhnVyH1 xJYBVPb1uxBfK5ZprzZtBs/KIPD587X7cUsHXQAuagPT2YIUfhE= =K/g9 -----END PGP SIGNATURE-----
