Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of your commons-httpclient: https://security-tracker.debian.org/tracker/CVE-2012-6153
It would be nice if you could take care of this update as the package is not high enough on our priority list and we seem to never manage to find the time. And the same seems to apply for the stable security team since this issue is still open in all releases despite a friendly ping from Moritz last december. Yet the package seems to be relatively important in the java world since it's a reverse dependency of quite a few other packages... So it would be nice to have some action going. I don't want to raise the severity to "serious" at this point of the release but it's not good for Debian to leave security issues unattended for so long. So can someone take the responsibility to provide fixed packages for our releases? I have included Alberto Fernández Martínez in copy since he's the last person having uploaded the package in... 2012! Thank you in advance! Raphaël Hertzog, on behalf of the Debian LTS team. PS: If you want to handle the upload to squeeze-lts by yourself, please follow the instructions here: http://wiki.debian.org/LTS/Development -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
