Your message dated Tue, 23 Aug 2022 11:48:50 +0000
with message-id <[email protected]>
and subject line Bug#1013280: fixed in jboss-xnio 3.8.7-2
has caused the Debian Bug report #1013280,
regarding jboss-xnio: CVE-2022-0084
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1013280: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013280
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: jboss-xnio
X-Debbugs-CC: [email protected]
Severity: important
Tags: security
Hi,
The following vulnerability was published for jboss-xnio.
The only source for this is in Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=2064226
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-0084
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0084
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: jboss-xnio
Source-Version: 3.8.7-2
Done: Markus Koschany <[email protected]>
We believe that the bug you reported is fixed in the latest version of
jboss-xnio, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Markus Koschany <[email protected]> (supplier of updated jboss-xnio package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 23 Aug 2022 13:16:34 +0200
Source: jboss-xnio
Architecture: source
Version: 3.8.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
<[email protected]>
Changed-By: Markus Koschany <[email protected]>
Closes: 1013280
Changes:
jboss-xnio (3.8.7-2) unstable; urgency=medium
.
* Fix CVE-2022-0084.
Thanks to Moritz Mühlenhoff for the report. (Closes: #1013280)
* Declare compliance with Debian Policy 4.6.1.
Checksums-Sha1:
c8242d97ff843c26d759682cdbe905bdc4e4f2c4 2498 jboss-xnio_3.8.7-2.dsc
ff383131fa9dccd642e68c2b4d7b55027088195e 5044 jboss-xnio_3.8.7-2.debian.tar.xz
6558c13a976521f0f600d768fbc797a6555b799d 13769
jboss-xnio_3.8.7-2_amd64.buildinfo
Checksums-Sha256:
644a3993fc44445c7ee07028e4b6970c30bbbd4f4af9cc93aae3fe5abcaf039f 2498
jboss-xnio_3.8.7-2.dsc
cfa9b779745252c3dab47706a413844fc7972213bf4de4b1e2598f9d1e7267ea 5044
jboss-xnio_3.8.7-2.debian.tar.xz
d8e756b9f2cc1cb8d202a3860db8d891f944307838af8c301b21657bee8c061c 13769
jboss-xnio_3.8.7-2_amd64.buildinfo
Files:
e6e9112ae38186329d1d980bd05d124e 2498 java optional jboss-xnio_3.8.7-2.dsc
abd502f61a69671769623ad0d456f51f 5044 java optional
jboss-xnio_3.8.7-2.debian.tar.xz
3b6bb9a5376cc778875bc6abfd0387a9 13769 java optional
jboss-xnio_3.8.7-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmMEuWxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkSRgP/1qPVN3u5e1Xwa5D/Vbml65pbUAM8QKPciPV
vaCH+5U1EZjXq88v2Pwl7ftEhSo6O9q5y0iaU+gX/3XZvVUO4Q60+GV728t0QpBW
AyxEo92hgtBfsZGEf0xN/9AILWjmDx5THCVxP4p2kfkxouhDk8EIt5y0PoAaOTH2
TZeafevqqcc8QkYPcWKhS6elrO2R2Wm1/ygsxKR9Ts72H640/rEMztevwpCI9aCA
PmD5P9SQr0tthhbqZXVNO9KEp80v0hM5iVJdIDyMUKca5/CpTs4V4FMF8RRgy0Ab
fz4jju9r5fF1tpi/KVfN1QMkwdeKvQuG2fKifunru0Up0GjRJdIGbAyKBCSpsobI
ECmqvJC8xhkdNJOWOwDJuasKsAwRW3Mgr9YQMXEh3sxRyo3d0zYXRnf+x8sfVTEg
ZBq5ya4W2oXApF61ODOSmcWjrKAg4QYprRwepzf+d526eA6eiAT4dL3v458oVGZP
ex29RoRP1VBcqOoEzd1UJLwMGEthVkal0zCzUBXcj9DaXjNaL3ZBOhpnxrYjRr5u
96ssqYUbFGFIJcoZnVr/FA4dzNw8vKYiFXEi6z/buI5ZjV3WhewmQmcFo4dXmmqh
mMY3zaOlBL5Ir2epK+92R2rO5+5VatXos2coAo6hwsNLOvDoQvaRjtpkUUiJTqTb
dIpSri0v
=YP+Q
-----END PGP SIGNATURE-----
--- End Message ---
__
This is the maintainer address of Debian's Java team
<https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
[email protected] for discussions and questions.
