Hi Hilko, On Fri, Jun 12, 2015 at 01:30:28PM +0200, Hilko Bengen wrote: > Control: tags -1 moreinfo > > * Salvatore Bonaccorso: > > > Source: elasticsearch > > Version: 1.0.3+dfsg-5 > > Severity: grave > > Tags: security upstream fixed-upstream > > Where exactly has it been fixed upstream? A git coommit id would be > helpful.
I haven't a specific commit. The only information I had so far is that upstream claims that affected versions are all 1.0.0 up to 1.5.2 and the issue is fixed in 1.6.0: See https://www.elastic.co/community/security/ Regards, Salvatore __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.