Package: src:libspring-java
Severity: grave
Tags: security
Justification: user security hole


CVE-2014-3578 was assigned to a directory traversal in the spring
framework, affecting all versions in Debian (fixed in 3.2.0).

More information can be found on:


Please include the CVE number in the changelog entry fixing the

Yves-Alexis Perez

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (450, 
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

This is the maintainer address of Debian's Java team
Please use for discussions and questions.

Reply via email to