tag 864859 + pending
Some bugs in the jython package are closed in revision
fa94dba7f47bf6e245a0016e840e8f3b817000ca in branch ' jessie' by
The full diff can be seen at
Import Debian changes 2.5.3-3+deb8u1
jython (2.5.3-3+deb8u1) jessie-security; urgency=high
* Team upload.
* Fix CVE-2016-4000: (Closes: #864859)
Unsafe deserialization may lead to arbitrary code execution.
This is the maintainer address of Debian's Java team
debian-j...@lists.debian.org for discussions and questions.