On 07/27/2012 04:08 AM, Thijs Kinkhorst wrote:
> Hi,
>>> However, this is not a vulnerability, only extra hardening which is
> surely
>>> useful but not a vulnerability in itself. I'm therefore downgrading this
>>> bug to minor: the request to update the README.Debian.
>> Thank you for looking into this bug.  I shouldn't have let this one go
>> for so long, but honestly, I'm not sure about the text to add to the
>> package readme.
>> Can you propose appropriate wording to add to README.Debian.  Would it
>> be sufficient to reference the CVE and include a link (say, to [1])?
> See attached patch for a change to README.Debian. I've tested it and
> confirmed that it has the desired effect.
> Please apply it to the repository; I'm not sure that a separate upload to
> wheezy is warranted for this but if you're going to make an upload before
> the release please be sure to include this aswell.
> Cheers,
> Thijs

Applied - thank you!


This is the maintainer address of Debian's Java team
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to