On Mon, Nov 09, 2015 at 09:25:20AM +0100, Emmanuel Bourg wrote:
> Hi Moritz,
> If I'm not mistaken this vulnerability is actually linked to a dangerous
> deserialization in commons-collections if the input isn't properly
Indeed, I intended to file a separate bug for those (but I was unsure whether
jenkins used the system-wide lib as opposed to the released versions from
This is the maintainer address of Debian's Java team
debian-j...@lists.debian.org for discussions and questions.