Philippe Cloutier wrote: > Ur, I hadn't looked at the vulnerabilies. I reported the vulnerabity to > CVE-2007-5689 myself as #463501...hoping this will be fixed soon :S
In looking at CVE-2007-5689 [0] we find the vulnerability exists up to 1.5.0_12 and is fixed in 1.5.0_13 as confirmed in the upstream release notes [1]. Please consider the uploading of 1.5.0_14 as previously mentioned as a "timely reaction from the Java maintenance team". Please make this fix available to etch users, not just sid users (a timely reaction from the Debian Release Team :-) ). Merci pour votre consideration, --Tom [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5689 [1] http://java.sun.com/j2se/1.5.0/ReleaseNotes.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
