This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to branch master in repository commons-httpclient.
commit b4ccaa41b21b6d8b046eb65a8ece64754e042005 Author: Markus Koschany <[email protected]> Date: Thu Apr 16 09:52:24 2015 +0000 Merge release 3.1-11 into trunk --- debian/ant.properties | 4 ++-- debian/changelog | 20 +++++++++++++++++++- debian/patches/series | 1 + 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/debian/ant.properties b/debian/ant.properties index 83436ca..02c8209 100644 --- a/debian/ant.properties +++ b/debian/ant.properties @@ -1,5 +1,5 @@ # JSSE stub classes required for build lib.dir=/usr/share/java #jsse.jar=/usr/share/java/jsse.jar -ant.build.javac.source=1.4 -ant.build.javac.target=1.4 +ant.build.javac.source=1.5 +ant.build.javac.target=1.5 diff --git a/debian/changelog b/debian/changelog index 457855c..463230f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -commons-httpclient (3.1-11) UNRELEASED; urgency=medium +commons-httpclient (3.1-12) UNRELEASED; urgency=medium [ Kumar Appaiah ] * debian/control: 
@@ -15,6 +15,24 @@ commons-httpclient (3.1-11) UNRELEASED; urgency=medium -- Kumar Appaiah <[email protected]> Sat, 29 Mar 2014 15:40:00 -0400 +commons-httpclient (3.1-11) unstable; urgency=high + + * Team upload. + * Add CVE-2014-3577.patch. (Closes: #758086) + It was found that the fix for CVE-2012-6153 was incomplete: the code added + to check that the server hostname matches the domain name in a subject's + Common Name (CN) field in X.509 certificates was flawed. A + man-in-the-middle attacker could use this flaw to spoof an SSL server using + a specially crafted X.509 certificate. The fix for CVE-2012-6153 was + intended to address the incomplete patch for CVE-2012-5783. The issue is + now completely resolved by applying this patch and the + 06_fix_CVE-2012-5783.patch. + * Change java.source and java.target ant properties to 1.5, otherwise + commons-httpclient will not compile with this patch. + + -- Markus Koschany <[email protected]> Mon, 23 Mar 2015 22:57:54 +0100 + + commons-httpclient (3.1-10.2) unstable; urgency=low * Non-maintainer upload. diff --git a/debian/patches/series b/debian/patches/series index ca273f1..959af1a 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -5,3 +5,4 @@ 04_fix_classpath.patch 05_osgi_metadata 06_fix_CVE-2012-5783.patch +CVE-2014-3577.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/commons-httpclient.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
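Review bot: in the debian/ant.properties hunk, the change of ant.build.javac.source and ant.build.javac.target from 1.4 to 1.5 has no explanation in the file itself. The reason (the package will not compile with the CVE-2014-3577 patch at the old level) is recorded only in debian/changelog. Suggest a short comment line above the two properties, in the style of the existing "# JSSE stub classes required for build" comment, so that a later cleanup does not lower the level again and break the build of the security fix.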
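Review bot: in the debian/changelog hunks, the top entry is renamed to 3.1-12 UNRELEASED but keeps its trailer line dated Sat, 29 Mar 2014 15:40:00 -0400, which is now older than the 3.1-11 entry inserted below it (Mon, 23 Mar 2015 22:57:54 +0100). Refresh the trailer of the 3.1-12 entry before it is uploaded so that the entries stay in chronological order, and check that its urgency=medium is still what is intended now that it follows an urgency=high security upload.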
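Review bot: in the debian/patches/series hunk, CVE-2014-3577.patch is added to the series, but the diffstat for this commit lists only debian/ant.properties, debian/changelog and debian/patches/series, so the patch file itself is not part of this change. Confirm that debian/patches/CVE-2014-3577.patch is already present on master, since a series entry without its file makes patch application fail at build time. Two smaller points on the same line: the new name drops the numeric prefix used by the other entries (for example 06_fix_CVE-2012-5783.patch), and because the changelog states that the issue is resolved only by this patch together with 06_fix_CVE-2012-5783.patch, its position directly after that entry should be kept if the series is ever reordered.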

