androidsdk-tools is marked for autoremoval from testing

[Debian testing autoremoval watch]

androidsdk-tools 22.2+git20130830~92d25d6-3 is marked for autoremoval from 
testing on 2016-05-02

It (build-)depends on packages with these RC bugs:
814600: android-tools: B-D on obsolete android-system-dev


__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jarjar

[Reproducible builds folks]

2016-04-22 07:53 https://tests.reproducible-builds.org/unstable/amd64/jarjar 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for josql

[Reproducible builds folks]

2016-04-22 08:07 https://tests.reproducible-builds.org/unstable/amd64/josql 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libcommons-el-java

[Reproducible builds folks]

2016-04-22 09:12 
https://tests.reproducible-builds.org/unstable/amd64/libcommons-el-java changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jcsp

[Reproducible builds folks]

2016-04-22 07:57 https://tests.reproducible-builds.org/unstable/amd64/jcsp 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jcifs

[Reproducible builds folks]

2016-04-22 07:53 https://tests.reproducible-builds.org/unstable/amd64/jcifs 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libformula

[Reproducible builds folks]

2016-04-22 09:31 
https://tests.reproducible-builds.org/unstable/amd64/libformula changed from 
unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libcommons-codec-java

[Reproducible builds folks]

2016-04-22 09:13 
https://tests.reproducible-builds.org/unstable/amd64/libcommons-codec-java 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jargs

[Reproducible builds folks]

2016-04-22 07:50 https://tests.reproducible-builds.org/unstable/amd64/jargs 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jetty

[Reproducible builds folks]

2016-04-22 08:12 https://tests.reproducible-builds.org/unstable/amd64/jetty 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jtharness

[Reproducible builds folks]

2016-04-22 08:23 https://tests.reproducible-builds.org/unstable/amd64/jtharness 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libmetadata-extractor-java

[Reproducible builds folks]

2016-04-22 09:52 
https://tests.reproducible-builds.org/unstable/amd64/libmetadata-extractor-java 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jama

[Reproducible builds folks]

2016-04-22 07:45 https://tests.reproducible-builds.org/unstable/amd64/jama 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libflexdock-java

[Reproducible builds folks]

2016-04-22 09:27 
https://tests.reproducible-builds.org/unstable/amd64/libflexdock-java changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libmicroba-java

[Reproducible builds folks]

2016-04-22 09:52 
https://tests.reproducible-builds.org/unstable/amd64/libmicroba-java changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libregexp-java

[Reproducible builds folks]

2016-04-22 09:59 
https://tests.reproducible-builds.org/unstable/amd64/libregexp-java changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for xmlstreambuffer

[Reproducible builds folks]

2016-04-22 12:32 
https://tests.reproducible-builds.org/unstable/amd64/xmlstreambuffer changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for librepository

[Reproducible builds folks]

2016-04-22 10:01 
https://tests.reproducible-builds.org/unstable/amd64/librepository changed from 
unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jline

[Reproducible builds folks]

2016-04-22 08:03 https://tests.reproducible-builds.org/unstable/amd64/jline 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libjpf-java

[Reproducible builds folks]

2016-04-22 09:45 
https://tests.reproducible-builds.org/unstable/amd64/libjpf-java changed from 
unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jexcelapi

[Reproducible builds folks]

2016-04-22 08:01 https://tests.reproducible-builds.org/unstable/amd64/jexcelapi 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jcharts

[Reproducible builds folks]

2016-04-22 07:54 https://tests.reproducible-builds.org/unstable/amd64/jcharts 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for janino

[Reproducible builds folks]

2016-04-22 07:54 https://tests.reproducible-builds.org/unstable/amd64/janino 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for jmock2

[Reproducible builds folks]

2016-04-22 08:20 https://tests.reproducible-builds.org/unstable/amd64/jmock2 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for libproxool-java

[Reproducible builds folks]

2016-04-22 10:02 
https://tests.reproducible-builds.org/unstable/amd64/libproxool-java changed 
from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

reproducible.debian.net status changes for java3d

[Reproducible builds folks]

2016-04-22 08:02 https://tests.reproducible-builds.org/unstable/amd64/java3d 
changed from unreproducible -> reproducible

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#822290: colorpicker: disturbing text of license grant

[Dmitry Smirnov]

Source: colorpicker
Version: 1.0.0-2
Severity: normal
Usertags: dfsg

Some files have fairly disturbing text of license grant:


 You may not use, copy or modify this software, except in
 accordance with the license agreement you entered into with
 Jeremy Wood. For details see accompanying license terms.


I'm not even sure if this is a reference to modified BSD-3-Clause license 
from "License.html" as the latter does not mention Jeremy Wood in the text of 
the license.

I believe this text of license grant is not DFSG compliant as (most) users 
are unlikely to be in any direct license agreement with copyright owner.

Please investigate.

-- 
All the best,
 Dmitry Smirnov
 GPG key : 4096R/53968D1B


signature.asc
Description: This is a digitally signed message part.
__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

ant_1.9.7-2~bpo8+1_amd64.changes ACCEPTED into jessie-backports

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Fri, 22 Apr 2016 22:24:13 +0200
Source: ant
Binary: ant ant-gcj ant-optional ant-optional-gcj ant-doc
Architecture: source all amd64
Version: 1.9.7-2~bpo8+1
Distribution: jessie-backports
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Emmanuel Bourg 
Description:
 ant- Java based build tool like make
 ant-doc- Java based build tool like make - API documentation and manual
 ant-gcj- Java based build tool like make (GCJ)
 ant-optional - Java based build tool like make - optional libraries
 ant-optional-gcj - Java based build tool like make - optional libraries (GCJ)
Closes: 821065
Changes:
 ant (1.9.7-2~bpo8+1) jessie-backports; urgency=medium
 .
   * Rebuild for jessie-backports.
 .
 ant (1.9.7-2) unstable; urgency=medium
 .
   * Do not set the javadoc encoding twice (Closes: #821065)
 .
 ant (1.9.7-1) unstable; urgency=medium
 .
   * New upstream release
 - Refreshed the patches
   * Reproducibility improvements:
 - The Javadoc task uses UTF-8 as the default encoding if none was specified
   and SOURCE_DATE_EPOCH is set.
   * Standards-Version updated to 3.9.8 (no changes)
 .
 ant (1.9.6-2) unstable; urgency=medium
 .
   * Reproducibility improvements:
 - The Tstamp task now supports the SOURCE_DATE_EPOCH variable
 - The Javadoc task uses 'en' as the default locale if none was specified
   and SOURCE_DATE_EPOCH is set.
   * Restored the XSL files in /usr/share/ant/etc which were removed
 in the version 1.7.1-1 (LP: #563899)
   * Install the missing ant-junit4 pom
   * Standards-Version updated to 3.9.7 (no changes)
   * Use secure Vcs-* fields
Checksums-Sha1:
 06ebf08ea9281f2efbb3ff959a0b62cda07f62f1 2593 ant_1.9.7-2~bpo8+1.dsc
 b886b2c2de56dfbfce3653dff86e80c9f370a5c8 3210020 ant_1.9.7.orig.tar.xz
 4270f908f3482241925367143053bbe316370173 18392 ant_1.9.7-2~bpo8+1.debian.tar.xz
 09b0393187d49911a03e9b703919a23b0681e19f 1907124 ant_1.9.7-2~bpo8+1_all.deb
 d2508e920544d3ed69439d1c3a375779314b68e6 349232 
ant-optional_1.9.7-2~bpo8+1_all.deb
 7794484c42f1825d98f5391fb59c50a33c88733f 1947348 ant-doc_1.9.7-2~bpo8+1_all.deb
 98b2df376e399d47aa286bbcd00d281a6c994a9c 1700122 
ant-gcj_1.9.7-2~bpo8+1_amd64.deb
 1995ea7d1f50f5357cbe3d0a6edca6cc6845867a 323028 
ant-optional-gcj_1.9.7-2~bpo8+1_amd64.deb
Checksums-Sha256:
 96c6dcdf1574bbd8f56f3a80bef8e75e3e800ad96ff1767f3d3a7198ebb2fb3a 2593 
ant_1.9.7-2~bpo8+1.dsc
 5136450b6248ddf9956a6fb13e40fb715377f13fc91d43650dd52e509b9e193e 3210020 
ant_1.9.7.orig.tar.xz
 357a0f78a5d6d5ca438e33c07d26b566baf1dc7aa090359585d3610c67b81670 18392 
ant_1.9.7-2~bpo8+1.debian.tar.xz
 21fda4eb58de3d28d21f9caa831a0f316583b0f1d2affb8daa37b743a259883f 1907124 
ant_1.9.7-2~bpo8+1_all.deb
 63534b7869c6653f8b07205bef8b1269b7a8c4082b60d3d4e49a63d7ce93330a 349232 
ant-optional_1.9.7-2~bpo8+1_all.deb
 c0c40b443616d96a7c6d0b64d456e0ff372bc4422a1e50f78b88bd9ffe7dc460 1947348 
ant-doc_1.9.7-2~bpo8+1_all.deb
 831b51817b64cd2fdc88c83e3e9ee0c6e484bf5ec344345fad881801da59e6d9 1700122 
ant-gcj_1.9.7-2~bpo8+1_amd64.deb
 0e0692d0c440ae3924cfb5a48f3e146f58fd52d42817495a47dc3d0ac13e2c38 323028 
ant-optional-gcj_1.9.7-2~bpo8+1_amd64.deb
Files:
 9229bb543978873c9dd310e39a4f1912 2593 java optional ant_1.9.7-2~bpo8+1.dsc
 1e89d49a16474e77748ce09c9f123a35 3210020 java optional ant_1.9.7.orig.tar.xz
 eda4b2114377ccec437ddd34ffd99862 18392 java optional 
ant_1.9.7-2~bpo8+1.debian.tar.xz
 3c3ed600ce4738a9dd2dc2d920ed1148 1907124 java optional 
ant_1.9.7-2~bpo8+1_all.deb
 69833a0bcde1d9492dc7c1327710d603 349232 java optional 
ant-optional_1.9.7-2~bpo8+1_all.deb
 19c3f3f6f59670a9ae3bc0850260a12c 1947348 doc optional 
ant-doc_1.9.7-2~bpo8+1_all.deb
 97875701ec1eebf355f2a81919431675 1700122 java optional 
ant-gcj_1.9.7-2~bpo8+1_amd64.deb
 bc7c5716235a21750104701dba826d63 323028 java optional 
ant-optional-gcj_1.9.7-2~bpo8+1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJXGpqAAAoJEPUTxBnkudCst7gP/31Ml5Pa7elANmbNFB2f1X7Q
P3u+s+S4xRKNX9b+Ark6S4HN9qk3Kx+5fN3mFzwE2p34+QelXPVyLUV427QV5HBK
b7FYLcELDIhtNvj9RUzAiAsUwEjHWoiCqHBb6STAe6jm8NDr0HI5Lx5VnihFcFfS
T7eTL7GQj74WnGPmX45AFdo9xgAHqdFxGmaEnhH/hwQFVdBS/ePF6VeFbtTuUqXu
zyrwZSE5Zzv6bE1dbYnHbj1mdNWwlT0CBiVJA4G3g54JaVVynWq2xLdwjYRO7nlr
efeee5yWNHa+lLJFAQns6HdmfKomxY8AEawVS1XM8i0MYGP5Wd0rSgjGWUcuoBow
8GhN4BaipEy2ylop4avX4wlRkKPuWD9UGxpMLbFr9wNiWjLqVxPnsMLExr7BcfYf
YNyxvayU8tsfBHAf+CMcAVwabRzi4KvqB0Ma8PrBs/mbpA4tcbQJF4Y6yXRrDYwc
ssPQN5FS4Ny7OknX+38W04jubVERpke0s1/uyj026GGEa4D2F9cYVFTq/EZl9g6C
8P2fWPoJdyLa/TomI2yAs5wUG0AwYmkTQs95aIazR3SRoZ/OcckPcscX9gFwdU7W
PMyt7G98lUFqISlUkrn+/iX6eMJL672XLqY6Ehh26NAU6eBCJLHda+TocrVkdBZB
P+qKxDZavFHxQx0fNgoC
=2NSL
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

__
This is the maintainer address of Debian's Java team
. 

Processing of ant_1.9.7-2~bpo8+1_amd64.changes

[Debian FTP Masters]

ant_1.9.7-2~bpo8+1_amd64.changes uploaded successfully to localhost
along with the files:
  ant_1.9.7-2~bpo8+1.dsc
  ant_1.9.7.orig.tar.xz
  ant_1.9.7-2~bpo8+1.debian.tar.xz
  ant_1.9.7-2~bpo8+1_all.deb
  ant-optional_1.9.7-2~bpo8+1_all.deb
  ant-doc_1.9.7-2~bpo8+1_all.deb
  ant-gcj_1.9.7-2~bpo8+1_amd64.deb
  ant-optional-gcj_1.9.7-2~bpo8+1_amd64.deb

Greetings,

Your Debian queue daemon (running on host franck.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

tomcat7_7.0.28-4+deb7u4_amd64.changes ACCEPTED into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 16 Apr 2016 13:07:43 +0200
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java 
libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.28-4+deb7u4
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description: 
 libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
 libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
 libtomcat7-java - Servlet and JSP engine -- core libraries
 tomcat7- Servlet and JSP engine
 tomcat7-admin - Servlet and JSP engine -- admin web applications
 tomcat7-common - Servlet and JSP engine -- common files
 tomcat7-docs - Servlet and JSP engine -- documentation
 tomcat7-examples - Servlet and JSP engine -- example web applications
 tomcat7-user - Servlet and JSP engine -- tools to create user instances
Changes: 
 tomcat7 (7.0.28-4+deb7u4) wheezy-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2014-0096:
 java/org/apache/catalina/servlets/DefaultServlet.java in the default
 servlet in Apache Tomcat does not properly restrict XSLT stylesheets, which
 allows remote attackers to bypass security-manager restrictions and read
 arbitrary files via a crafted web application that provides an XML external
 entity declaration in conjunction with an entity reference, related to an
 XML External Entity (XXE) issue.
   * Fix CVE-2014-0119:
 It was found that in limited circumstances it was possible for a malicious
 web application to replace the XML parsers used by Tomcat to process XSLTs
 for the default servlet, JSP documents, tag library descriptors (TLDs) and
 tag plugin configuration files. The injected XML parser(s) could then
 bypass the limits imposed on XML external entities and/or have visibility
 of the XML files processed for other web applications deployed on the same
 Tomcat instance.
   * Fix CVE-2015-5174:
 Directory traversal vulnerability in RequestUtil.java allows remote
 authenticated users to bypass intended SecurityManager restrictions and
 list a parent directory via a /.. (slash dot dot) in a pathname used by a
 web application in a getResource, getResourceAsStream, or getResourcePaths
 call, as demonstrated by the $CATALINA_BASE/webapps directory.
   * Fix CVE-2015-5345:
 The Mapper component in Apache Tomcat processes redirects before
 considering security constraints and Filters, which allows remote attackers
 to determine the existence of a directory via a URL that lacks a trailing /
 (slash) character.
   * Fix CVE-2015-5346:
 Session fixation vulnerability in Apache Tomcat when different session
 settings are used for deployments of multiple versions of the same web
 application, might allow remote attackers to hijack web sessions by
 leveraging use of a requestedSessionSSL field for an unintended request,
 related to CoyoteAdapter.java and Request.java.
   * Fix CVE-2015-5351:
 The Manager and Host Manager applications in Apache Tomcat establish
 sessions and send CSRF tokens for arbitrary new requests, which allows
 remote attackers to bypass a CSRF protection mechanism by using a token.
   * Fix CVE-2016-0706:
 Apache Tomcat does not place
 org.apache.catalina.manager.StatusManagerServlet on the
 org/apache/catalina/core/RestrictedServlets.properties list, which allows
 remote authenticated users to bypass intended SecurityManager restrictions
 and read arbitrary HTTP requests, and consequently discover session ID
 values, via a crafted web application.
   * Fix CVE-2016-0714:
 The session-persistence implementation in Apache Tomcat mishandles session
 attributes, which allows remote authenticated users to bypass intended
 SecurityManager restrictions and execute arbitrary code in a privileged
 context via a web application that places a crafted object in a session.
   * Fix CVE-2016-0763:
 The setGlobalContext method in
 org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat does
 not consider whether ResourceLinkFactory.setGlobalContext callers are
 authorized, which allows remote authenticated users to bypass intended
 SecurityManager restrictions and read or write to arbitrary application
 data, or cause a denial of service (application disruption), via a web
 application that sets a crafted global context.
Checksums-Sha1: 
 4460caa7aa6ef4b9194f73bcc5ba1195cfe9cddc 2760 tomcat7_7.0.28-4+deb7u4.dsc
 461b985c6271009a21cce55a7bab518288728253 128353 
tomcat7_7.0.28-4+deb7u4.debian.tar.gz
 c48dfca36d7b94fbb36bcd0737e570a8d3638aa2 64338 
tomcat7-common_7.0.28-4+deb7u4_all.deb
 d8cb22a7d8bed4623306c8bada2165db584b172a 51822 

tomcat7_7.0.56-3+deb8u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 16 Apr 2016 09:10:22 +
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java 
libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.56-3+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
 libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
 libtomcat7-java - Servlet and JSP engine -- core libraries
 tomcat7- Servlet and JSP engine
 tomcat7-admin - Servlet and JSP engine -- admin web applications
 tomcat7-common - Servlet and JSP engine -- common files
 tomcat7-docs - Servlet and JSP engine -- documentation
 tomcat7-examples - Servlet and JSP engine -- example web applications
 tomcat7-user - Servlet and JSP engine -- tools to create user instances
Changes:
 tomcat7 (7.0.56-3+deb8u2) jessie-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2015-5174:
 Directory traversal vulnerability in RequestUtil.java allows remote
 authenticated users to bypass intended SecurityManager restrictions and
 list a parent directory via a /.. (slash dot dot) in a pathname used by a
 web application in a getResource, getResourceAsStream, or getResourcePaths
 call, as demonstrated by the $CATALINA_BASE/webapps directory.
   * Fix CVE-2015-5345:
 The Mapper component in Apache Tomcat processes redirects before
 considering security constraints and Filters, which allows remote attackers
 to determine the existence of a directory via a URL that lacks a trailing /
 (slash) character.
   * Fix CVE-2015-5346:
 Session fixation vulnerability in Apache Tomcat when different session
 settings are used for deployments of multiple versions of the same web
 application, might allow remote attackers to hijack web sessions by
 leveraging use of a requestedSessionSSL field for an unintended request,
 related to CoyoteAdapter.java and Request.java.
   * Fix CVE-2015-5351:
 The Manager and Host Manager applications in Apache Tomcat establish
 sessions and send CSRF tokens for arbitrary new requests, which allows
 remote attackers to bypass a CSRF protection mechanism by using a token.
   * Fix CVE-2016-0706:
 Apache Tomcat does not place
 org.apache.catalina.manager.StatusManagerServlet on the
 org/apache/catalina/core/RestrictedServlets.properties list, which allows
 remote authenticated users to bypass intended SecurityManager restrictions
 and read arbitrary HTTP requests, and consequently discover session ID
 values, via a crafted web application.
   * Fix CVE-2016-0714:
 The session-persistence implementation in Apache Tomcat mishandles session
 attributes, which allows remote authenticated users to bypass intended
 SecurityManager restrictions and execute arbitrary code in a privileged
 context via a web application that places a crafted object in a session.
   * Fix CVE-2016-0763:
 The setGlobalContext method in
 org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat does
 not consider whether ResourceLinkFactory.setGlobalContext callers are
 authorized, which allows remote authenticated users to bypass intended
 SecurityManager restrictions and read or write to arbitrary application
 data, or cause a denial of service (application disruption), via a web
 application that sets a crafted global context.
Checksums-Sha1:
 4b90f5b57247498c655c02ea6f3cdaba486059fb 2890 tomcat7_7.0.56-3+deb8u2.dsc
 28a55fc0685420b300bcdfc95578afd9f3dd25cc 81656 
tomcat7_7.0.56-3+deb8u2.debian.tar.xz
 50c84c7ddbda164519e123436218d830a2c7be80 61968 
tomcat7-common_7.0.56-3+deb8u2_all.deb
 828c1945b21f5e029871302eebae507b99449cb3 50772 tomcat7_7.0.56-3+deb8u2_all.deb
 46280175c11b17b8c3e44b7856b493165a22f085 38346 
tomcat7-user_7.0.56-3+deb8u2_all.deb
 e0e14dd92a6639d94c31800544c10f8a889c0063 3623220 
libtomcat7-java_7.0.56-3+deb8u2_all.deb
 92314c13b38ba1c6676a9bf801461da3e1d0a468 314318 
libservlet3.0-java_7.0.56-3+deb8u2_all.deb
 baad166982e27155ff43da6a23b3745d7d30832f 204328 
libservlet3.0-java-doc_7.0.56-3+deb8u2_all.deb
 79e787e8592f485f57fa90afcb793edca6bdcc33 39350 
tomcat7-admin_7.0.56-3+deb8u2_all.deb
 3e9ce383fefce4fb30cc9ff0efa13940c825bb8e 197514 
tomcat7-examples_7.0.56-3+deb8u2_all.deb
 ccb2ae08c6099e4d11ed0e836c37edbe49396d13 603562 
tomcat7-docs_7.0.56-3+deb8u2_all.deb
Checksums-Sha256:
 cb928db4d42c63ea23546a10a0abfcf814b2f7915d85304b41a87412f6dc5929 2890 
tomcat7_7.0.56-3+deb8u2.dsc
 a18282c894ea34079c9e0d9e38ee2e5ddd3ace30bc830c5ef53736f6173cc30a 81656 
tomcat7_7.0.56-3+deb8u2.debian.tar.xz
 78c7145d8a0c374eb19dcff06db57b916449c6e4dbfa1889db1037b8020f72d9 61968 

[Branch ~openjdk/openjdk/openjdk7] Rev 602: openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium

[noreply]

revno: 602
committer: Matthias Klose 
branch nick: openjdk7
timestamp: Fri 2016-04-22 21:21:50 +0200
message:
  openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium
  
[ Tiago Stürmer Daitx ]
* SECURITY UPDATE: Applies to client deployment of Java only. This
  vulnerability can be exploited only through sandboxed Java Web Start
  applications and sandboxed Java applets.
  - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335,
CVE-2016-0636: Improve MethodHandle consistency
  
[ Matthias Klose ]
* Use internal tzdata for builds in stretch, unstable, experimental.
  Closes: #818308.
  
   -- Matthias Klose   Thu, 24 Mar 2016 15:24:32 +0100
  
  openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium
  
* Upload to experimental.
  
   -- Matthias Klose   Fri, 05 Feb 2016 17:51:20 +0100
  
  openjdk-7 (7u95-2.6.4-1) unstable; urgency=high
  
[ Tiago Stürmer Daitx ]
* IcedTea release 2.6.4 (based on 7u95):
* Security fixes
  - S8059054, CVE-2016-0402: Better URL processing
  - S8130710, CVE-2016-0448: Better attributes processing
  - S8132210: Reinforce JMX collector internals
  - S8132988: Better printing dialogues
  - S8133962, CVE-2016-0466: More general limits
  - S8137060: JMX memory management improvements
  - S8139012: Better font substitutions
  - S8139017, CVE-2016-0483: More stable image decoding
  - S8140543, CVE-2016-0494: Arrange font actions
  - S8143185: Cleanup for handling proxies
  - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays
  - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH)
* debian/patches/it-debian-build-flags.diff: refreshed
* debian/patches/it-set-compiler.diff: refreshed
* debian/patches/it-use-quilt.diff: refreshed
* debian/patches/it-jamvm-2.0.diff: refreshed
* debian/patches/icedtea-pretend-memory.diff: refreshed
* debian/patches/fix_extra_flags-default.diff: refreshed
* debian/patches/zero-sparc.diff: refreshed
  
[ Matthias Klose ]
* Remove obsolete IcedTea configure options.
* Fix build failure on squeeze (Thorsten Glaser). Closes: #809205.
* Don't run the test on mips, still having stone age buildd hardware and
  empty promises to fix these issues since 2010.
  
   -- Matthias Klose   Thu, 21 Jan 2016 13:17:54 +0100
added:
  patches/jdk-8152335-improve-methodhandle-consistency.patch
modified:
  changelog
  patches/fix_extra_flags-default.diff
  patches/icedtea-pretend-memory.diff
  patches/it-debian-build-flags.diff
  patches/it-jamvm-2.0.diff
  patches/it-set-compiler.diff
  patches/it-use-quilt.diff
  patches/zero-sparc.diff
  rules


--
lp:~openjdk/openjdk/openjdk7
https://code.launchpad.net/~openjdk/openjdk/openjdk7

Your team Debian Java Maintainers is subscribed to branch 
lp:~openjdk/openjdk/openjdk7.
To unsubscribe from this branch go to 
https://code.launchpad.net/~openjdk/openjdk/openjdk7/+edit-subscription
=== modified file 'changelog'
--- changelog	2015-12-13 13:39:09 +
+++ changelog	2016-04-22 19:21:50 +
@@ -1,3 +1,57 @@
+openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium
+
+  [ Tiago Stürmer Daitx ]
+  * SECURITY UPDATE: Applies to client deployment of Java only. This
+vulnerability can be exploited only through sandboxed Java Web Start
+applications and sandboxed Java applets.
+- d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335,
+  CVE-2016-0636: Improve MethodHandle consistency
+
+  [ Matthias Klose ]
+  * Use internal tzdata for builds in stretch, unstable, experimental.
+Closes: #818308.
+
+ -- Matthias Klose   Thu, 24 Mar 2016 15:24:32 +0100
+
+openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium
+
+  * Upload to experimental.
+
+ -- Matthias Klose   Fri, 05 Feb 2016 17:51:20 +0100
+
+openjdk-7 (7u95-2.6.4-1) unstable; urgency=high
+
+  [ Tiago Stürmer Daitx ]
+  * IcedTea release 2.6.4 (based on 7u95):
+  * Security fixes
+- S8059054, CVE-2016-0402: Better URL processing
+- S8130710, CVE-2016-0448: Better attributes processing
+- S8132210: Reinforce JMX collector internals
+- S8132988: Better printing dialogues
+- S8133962, CVE-2016-0466: More general limits
+- S8137060: JMX memory management improvements
+- S8139012: Better font substitutions
+- S8139017, CVE-2016-0483: More stable image decoding
+- S8140543, CVE-2016-0494: Arrange font actions
+- S8143185: Cleanup for handling proxies
+- S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays
+- S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH)
+  * debian/patches/it-debian-build-flags.diff: refreshed
+  * debian/patches/it-set-compiler.diff: refreshed
+  * debian/patches/it-use-quilt.diff: refreshed
+  * 

lombok 1.16.8+ds-2 MIGRATED to testing

[Debian testing watch]

FYI: The status of the lombok source package
in Debian's testing distribution has changed.

  Previous version: 1.16.8+ds-1
  Current version:  1.16.8+ds-2

-- 
This email is automatically generated once a day.  As the installation of
new packages into testing happens multiple times a day you will receive
later changes on the next day.
See https://release.debian.org/testing-watch/ for more information.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

lombok-ast 0.2+ds-2 MIGRATED to testing

[Debian testing watch]

FYI: The status of the lombok-ast source package
in Debian's testing distribution has changed.

  Previous version: 0.2+ds-1
  Current version:  0.2+ds-2

-- 
This email is automatically generated once a day.  As the installation of
new packages into testing happens multiple times a day you will receive
later changes on the next day.
See https://release.debian.org/testing-watch/ for more information.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

resteasy 3.0.12-1 MIGRATED to testing

[Debian testing watch]

FYI: The status of the resteasy source package
in Debian's testing distribution has changed.

  Previous version: 3.0.6-3
  Current version:  3.0.12-1

-- 
This email is automatically generated once a day.  As the installation of
new packages into testing happens multiple times a day you will receive
later changes on the next day.
See https://release.debian.org/testing-watch/ for more information.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

jasperreports_6.1.1+dfsg-5_amd64.changes ACCEPTED into unstable

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Apr 2016 11:08:06 +0200
Source: jasperreports
Binary: libjasperreports-java libjasperreports-java-doc
Architecture: source all
Version: 6.1.1+dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libjasperreports-java - Java reporting generator library
 libjasperreports-java-doc - Java reporting generator library - documentation
Changes:
 jasperreports (6.1.1+dfsg-5) unstable; urgency=medium
 .
   * Team upload.
   * Declare compliance with Debian Policy 3.9.8.
   * Drop libcommons-javaflow-java from Build-Depends because it is no longer
 needed.
   * Add no-commons-javaflow.patch and do not support commons-javaflow anymore.
Checksums-Sha1:
 72e425199d412a055bd6fd40bc1dbcc5484cd090 2951 jasperreports_6.1.1+dfsg-5.dsc
 772329b65f73c63746ab3d266362c8fc0c667583 12448 
jasperreports_6.1.1+dfsg-5.debian.tar.xz
 41c6eff9534767c59c398213f9fc6f3b53c712af 3788914 
libjasperreports-java-doc_6.1.1+dfsg-5_all.deb
 c6156a54056f2db58435ed37a4c85573a1367ffd 4744392 
libjasperreports-java_6.1.1+dfsg-5_all.deb
Checksums-Sha256:
 bcd1f756fce3fab592e755894ada1c0de41fd4441375cf12365de7347ceac9c4 2951 
jasperreports_6.1.1+dfsg-5.dsc
 4eb9e0ae69ce928ec1c361d47a4dd49d7ef0eef63bc4741c2ab44919af34481d 12448 
jasperreports_6.1.1+dfsg-5.debian.tar.xz
 af0ac858599b42d853909d40189b2c202eb181deda9594f3c1e704348ab65e91 3788914 
libjasperreports-java-doc_6.1.1+dfsg-5_all.deb
 988ec1a55082d0c89054e5b35e3658d108d598d028847848f9a0f730b7c7773f 4744392 
libjasperreports-java_6.1.1+dfsg-5_all.deb
Files:
 39a7cc4e3581d777e3ef53bcb56ea5d5 2951 java optional 
jasperreports_6.1.1+dfsg-5.dsc
 c51d82a437c257a11f63961322ccb32e 12448 java optional 
jasperreports_6.1.1+dfsg-5.debian.tar.xz
 809d531c63216a5dca95ab6983af7b69 3788914 doc optional 
libjasperreports-java-doc_6.1.1+dfsg-5_all.deb
 51305d4dd564ca55bca6cd07854d5e54 4744392 java optional 
libjasperreports-java_6.1.1+dfsg-5_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJXGfTDXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkFW4P/3Y4ApbCgCbQAuK2TvpHCzgO
B+kuNvvZYLDbXhKU+ZZgZHCwR6mD9B0O/epAkOvuPykyVnqzOUlxkJWfFgd9pBLT
ENAC8P8UNZVumeWaO+0AqyO85dECSt4ykLnMDruOXVJlx139Tu2iEf27errD3bFy
y+6N4WhK2crh4HO/xm77V4HP4lv3prIqWboLR7dxz7SY54wISmRq8Gpj/oHnf3if
OsXsA2Qvj4LbxUEBGpkl4Z69/elUuRwxYdB7ziSUicXJk8iwfGdk2J13cv59AXCR
GPfewdhs6Y7HAZYnlpupi3dKhpuTqfsYPJwbf5HojVoh34P58BSoe/LCO9F3RQBG
IsJHpgTfr578HNr/s/1y1aDduM2wlBDgVcWsvPqAK9UUXPz81OH5x5YUkZZHaugT
zlEYkctYi3/tot50srGubbf1TSfSm8FA9rNSD4MoBAqw+3xXqcFGGrpxFBF7DyN5
JAx6OPkmYpl3+KUtHr6YpJlNzI7sJhh4lWXvauJyYZyimwftoaRQEAlffTUs+3vf
yqCV5xTtCkbnH/b+hSVP17MtJKxxMcJOuj7ig7dNEgbCAz8xvM4ymP5jbVEipqCw
nhrcVsnioV8RKC3SEtMz3hmsxH0n0prBxKP3GfuQYD9nSA45CXzHWROon4HG181P
3TTlICTFp5wo9HdENOvz
=OK8f
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of jasperreports_6.1.1+dfsg-5_amd64.changes

[Debian FTP Masters]

jasperreports_6.1.1+dfsg-5_amd64.changes uploaded successfully to localhost
along with the files:
  jasperreports_6.1.1+dfsg-5.dsc
  jasperreports_6.1.1+dfsg-5.debian.tar.xz
  libjasperreports-java-doc_6.1.1+dfsg-5_all.deb
  libjasperreports-java_6.1.1+dfsg-5_all.deb

Greetings,

Your Debian queue daemon (running on host franck.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of jasperreports_6.1.1+dfsg-5_amd64.changes

[Debian FTP Masters]

jasperreports_6.1.1+dfsg-5_amd64.changes uploaded successfully to 
ftp-master.debian.org
along with the files:
  jasperreports_6.1.1+dfsg-5.dsc
  jasperreports_6.1.1+dfsg-5.debian.tar.xz
  libjasperreports-java-doc_6.1.1+dfsg-5_all.deb
  libjasperreports-java_6.1.1+dfsg-5_all.deb

Greetings,

Your Debian queue daemon (running on host coccia.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#801321: marked as done (commons-javaflow: depends on obsolete libasm2-java library)

[Debian Bug Tracking System]

Your message dated Fri, 22 Apr 2016 09:49:24 +
with message-id 
and subject line Bug#801321: fixed in commons-javaflow 0.0~svn20151101-1
has caused the Debian Bug report #801321,
regarding commons-javaflow: depends on obsolete libasm2-java library
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
801321: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801321
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: commons-javaflow
Severity: important
User: pkg-java-maintainers@lists.alioth.debian.org
Usertags: oldlibs libasm2-java

Hi,

commons-javaflow depends on libasm2-java, which is obsolete and was replaced by
libasm4-java. commons-javaflow should be ported to the new libasm4-java
version, so that we can remove the old, unmaintained one.

There are only four packages in Debian which depend on libasm2-java:

 - substance
 - liblaf-widget-java
 - jasperreports
 - commons-javaflow

substance and liblaf-widget-java are both five years old and there is no
indication of upstream development. substance is a build-dependency of
jajuk which is still actively developed but the Debian package is outdated.
jasperreports is also severely outdated. commons-javaflow has no
reverse-dependencies and a very low popcon value.

It would be great to "save" the first three packages, commons-javaflow should
probably be removed.


Regards,

Markus
--- End Message ---
--- Begin Message ---
Source: commons-javaflow
Source-Version: 0.0~svn20151101-1

We believe that the bug you reported is fixed in the latest version of
commons-javaflow, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 801...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany  (supplier of updated commons-javaflow package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Apr 2016 10:05:13 +0200
Source: commons-javaflow
Binary: libcommons-javaflow-java libcommons-javaflow-java-doc
Architecture: source
Version: 0.0~svn20151101-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libcommons-javaflow-java - Apache Commons Javaflow (Sandbox)
 libcommons-javaflow-java-doc - Documentation for Apache Commons Javaflow 
(Sandbox)
Closes: 801321
Changes:
 commons-javaflow (0.0~svn20151101-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream snapshot.
   * Declare compliance with Debian Policy 3.9.8.
   * Vcs-fields: Use https.
   * Switch from cdbs to dh sequencer.
   * New build system: Switch to Maven and use maven-debian-helper.
   * Use compat level 9 and require debhelper >= 9.
   * Switch to libasm-java. (Closes: #801321)
   * Add libcommons-io-java to Build-Depends. Remove libbcel-java.
   * Use Maven substvars instead of manually depending on packages.
   * Do not depend on default-jre-headless | java2-runtime-headless.
   * Update package description.
   * Remove debian/build.xml and debian/pom.xml.
   * Use debian/copyright format 1.0.
Checksums-Sha1:
 3830969c9ffe30b1ccdb90cf48147c72aad9d864 2626 
commons-javaflow_0.0~svn20151101-1.dsc
 dd4833b53299f812c1a8584b182285b639b326cf 72164 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 87be06debcfdc191dff1864329917fb6f85f438d 3996 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz
Checksums-Sha256:
 7d294d257f9a7d189030cb8f58bae02a3418484461e84e459f9f8b10161e9252 2626 
commons-javaflow_0.0~svn20151101-1.dsc
 dd9e2013e09d07b9fe528c7a9a393792c39e48aa3846ef3ddb83588dc1a28daa 72164 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 1219159ba79721c7ab2426e769a9737559840c668e8c60a88fbdbe95f04aebb1 3996 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz
Files:
 10df7a3f5281c2c2658f8dd5fa1c78b4 2626 java optional 
commons-javaflow_0.0~svn20151101-1.dsc
 8133fb4ce2d52aee89cc4b326e28 72164 java optional 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 4ed24a28fb77e61b0bc59b835b84e2e8 3996 java optional 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

Bug#690220: marked as done (libjgoodies-animation-java: New upstream release 1.4.2 available)

[Debian Bug Tracking System]

Your message dated Fri, 22 Apr 2016 09:50:04 +
with message-id 
and subject line Bug#690220: fixed in libjgoodies-animation-java 1.4.3-1
has caused the Debian Bug report #690220,
regarding libjgoodies-animation-java: New upstream release 1.4.2 available
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
690220: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libjgoodies-animation-java
Version: 1.2.0-5
Severity: wishlist

Version 1.4.2 has been released on 2012-07-24.

http://www.jgoodies.com/downloads/libraries/
http://www.jgoodies.com/download/libraries/animation/jgoodies-animation-1_4_2.zip

debian/watch and debian/control:Homepage needs an update.
The build-system has been changed from ant to maven.
--- End Message ---
--- Begin Message ---
Source: libjgoodies-animation-java
Source-Version: 1.4.3-1

We believe that the bug you reported is fixed in the latest version of
libjgoodies-animation-java, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 690...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Markus Koschany  (supplier of updated 
libjgoodies-animation-java package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Apr 2016 09:16:51 +0200
Source: libjgoodies-animation-java
Binary: libjgoodies-animation-java
Architecture: source
Version: 1.4.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libjgoodies-animation-java - Time-based real-time animations in Java
Closes: 690220
Changes:
 libjgoodies-animation-java (1.4.3-1) unstable; urgency=medium
 .
   * Team upload.
   * Update debian/watch. Newer versions are closed source now.
   * Imported Upstream version 1.4.3. (Closes: #690220)
   * Rename README.Debian-source to README.source.
   * Drop orig-tar.sh.
   * wrap-and-sort -sa.
   * Declare compliance with Debian Policy 3.9.8.
   * Use only Build-Depends field.
   * Use compat level 9 and require debhelper >= 9.
   * Use canonical Vcs-URI.
   * Add {maven:Depends} substvar.
   * Build system switched to Maven. Add maven-debian-helper to Build-Depends
 and remove Ant. Provide Maven artifacts.
   * Switch from cdbs to dh sequencer.
   * Drop ant.properties.
   * Add Suggests: ${maven:OptionalDepends}
   * Do not install the documentation into the library package anymore.
   * Update package description and remove second paragraph about Java 1.4
 requirements.
   * Add libjgoodies-animation-java.poms.
   * Add maven.rules.
   * Update debian/copyright to copyright format 1.0.
   * Update homepage field.
Checksums-Sha1:
 b6524e5bca32d0a9d33274249a031b015daa5bbb 2323 
libjgoodies-animation-java_1.4.3-1.dsc
 13e14b0e51513cb455a6742934f942236b898e94 25072 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 b145c630d47a7388bf0089f15d5b501077e84c04 3172 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz
Checksums-Sha256:
 408fef253e0dea94367b89be4e39919517ed1d3216e616da0d7ab15f6ce32917 2323 
libjgoodies-animation-java_1.4.3-1.dsc
 8b7f6f63f69c59e0145f969a60b15017561667f21964d5305625a75ab61f41b6 25072 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 2f10c4bf0da642c50c9e954f38c9637bab3bdd43fad96309b9117900bc74aca8 3172 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz
Files:
 0021cddbc63931994351cd51ccbb818d 2323 java optional 
libjgoodies-animation-java_1.4.3-1.dsc
 abf67e36102b5827dc55e18f6ea75160 25072 java optional 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 e7207d51d41251a1e43650884bc7df44 3172 java optional 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJXGdOwXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkVegP/iefFfwb60Vnddv5NJBCDj3+
ysKf4I8vasH1UFaNna7fNoWUTCTA3J0+3WjTPXhea/RP8X9CBXi+Q97Nh2J++nwM
sxB94F0uDT2SSgAQyvSiYhpUTF+HU5itSl6eZFy08hC4IZxeb0MNHcmfr1z7HIWy

libjgoodies-animation-java_1.4.3-1_source.changes ACCEPTED into unstable

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Apr 2016 09:16:51 +0200
Source: libjgoodies-animation-java
Binary: libjgoodies-animation-java
Architecture: source
Version: 1.4.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libjgoodies-animation-java - Time-based real-time animations in Java
Closes: 690220
Changes:
 libjgoodies-animation-java (1.4.3-1) unstable; urgency=medium
 .
   * Team upload.
   * Update debian/watch. Newer versions are closed source now.
   * Imported Upstream version 1.4.3. (Closes: #690220)
   * Rename README.Debian-source to README.source.
   * Drop orig-tar.sh.
   * wrap-and-sort -sa.
   * Declare compliance with Debian Policy 3.9.8.
   * Use only Build-Depends field.
   * Use compat level 9 and require debhelper >= 9.
   * Use canonical Vcs-URI.
   * Add {maven:Depends} substvar.
   * Build system switched to Maven. Add maven-debian-helper to Build-Depends
 and remove Ant. Provide Maven artifacts.
   * Switch from cdbs to dh sequencer.
   * Drop ant.properties.
   * Add Suggests: ${maven:OptionalDepends}
   * Do not install the documentation into the library package anymore.
   * Update package description and remove second paragraph about Java 1.4
 requirements.
   * Add libjgoodies-animation-java.poms.
   * Add maven.rules.
   * Update debian/copyright to copyright format 1.0.
   * Update homepage field.
Checksums-Sha1:
 b6524e5bca32d0a9d33274249a031b015daa5bbb 2323 
libjgoodies-animation-java_1.4.3-1.dsc
 13e14b0e51513cb455a6742934f942236b898e94 25072 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 b145c630d47a7388bf0089f15d5b501077e84c04 3172 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz
Checksums-Sha256:
 408fef253e0dea94367b89be4e39919517ed1d3216e616da0d7ab15f6ce32917 2323 
libjgoodies-animation-java_1.4.3-1.dsc
 8b7f6f63f69c59e0145f969a60b15017561667f21964d5305625a75ab61f41b6 25072 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 2f10c4bf0da642c50c9e954f38c9637bab3bdd43fad96309b9117900bc74aca8 3172 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz
Files:
 0021cddbc63931994351cd51ccbb818d 2323 java optional 
libjgoodies-animation-java_1.4.3-1.dsc
 abf67e36102b5827dc55e18f6ea75160 25072 java optional 
libjgoodies-animation-java_1.4.3.orig.tar.xz
 e7207d51d41251a1e43650884bc7df44 3172 java optional 
libjgoodies-animation-java_1.4.3-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJXGdOwXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkVegP/iefFfwb60Vnddv5NJBCDj3+
ysKf4I8vasH1UFaNna7fNoWUTCTA3J0+3WjTPXhea/RP8X9CBXi+Q97Nh2J++nwM
sxB94F0uDT2SSgAQyvSiYhpUTF+HU5itSl6eZFy08hC4IZxeb0MNHcmfr1z7HIWy
C741VDFRgTLeaiR1KoUgpyquQktJBHIEX0bUR98u9WYBi1quZHcBXpmLDt/4F0Ek
K5wAKTIo3wUqgPgZ87fEjx6hvyJLn5iCRz4BPpENG3NVYOPsZPNaab+v9WzjUtMa
dICsEKD90BgxzHFAI/1DWcx8/t1KExtIb4VA4TEFs7I58SYLutD1jtFfrINDygP8
gv4bZBj2xg0sE2xbPWgqL3wirhMqEnZRRY7k/ImoPtJTclL3eYA0AxKHnNXtO1NP
C3wstMqF/dhR4NHWVbjMnz3iolWpX0wS8Spp1mn5f8H+PAGnCm62q2G6P+V79ujz
4HGmEQbz9EdV1pkNXM+Vgmlc5u63dX/JywKzIkKGKWZx1EIglwbk5eaIHRSNhINN
BxVRKdYM0goxPaPrWTyEeyUDUGnG70oygLCu8o6Ec5mtG2KIwjTtkmuQE4Yh52j7
qHrsd3Rate57inyqaJgfZNgRJLaSyJkRn8ri2OA3b8ne9dA0e/79qER1QaX0mwBl
kc7hHUUbhjVH6y2M//Yu
=uJ42
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

commons-javaflow_0.0~svn20151101-1_source.changes ACCEPTED into unstable

[Debian FTP Masters]

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 22 Apr 2016 10:05:13 +0200
Source: commons-javaflow
Binary: libcommons-javaflow-java libcommons-javaflow-java-doc
Architecture: source
Version: 0.0~svn20151101-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libcommons-javaflow-java - Apache Commons Javaflow (Sandbox)
 libcommons-javaflow-java-doc - Documentation for Apache Commons Javaflow 
(Sandbox)
Closes: 801321
Changes:
 commons-javaflow (0.0~svn20151101-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream snapshot.
   * Declare compliance with Debian Policy 3.9.8.
   * Vcs-fields: Use https.
   * Switch from cdbs to dh sequencer.
   * New build system: Switch to Maven and use maven-debian-helper.
   * Use compat level 9 and require debhelper >= 9.
   * Switch to libasm-java. (Closes: #801321)
   * Add libcommons-io-java to Build-Depends. Remove libbcel-java.
   * Use Maven substvars instead of manually depending on packages.
   * Do not depend on default-jre-headless | java2-runtime-headless.
   * Update package description.
   * Remove debian/build.xml and debian/pom.xml.
   * Use debian/copyright format 1.0.
Checksums-Sha1:
 3830969c9ffe30b1ccdb90cf48147c72aad9d864 2626 
commons-javaflow_0.0~svn20151101-1.dsc
 dd4833b53299f812c1a8584b182285b639b326cf 72164 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 87be06debcfdc191dff1864329917fb6f85f438d 3996 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz
Checksums-Sha256:
 7d294d257f9a7d189030cb8f58bae02a3418484461e84e459f9f8b10161e9252 2626 
commons-javaflow_0.0~svn20151101-1.dsc
 dd9e2013e09d07b9fe528c7a9a393792c39e48aa3846ef3ddb83588dc1a28daa 72164 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 1219159ba79721c7ab2426e769a9737559840c668e8c60a88fbdbe95f04aebb1 3996 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz
Files:
 10df7a3f5281c2c2658f8dd5fa1c78b4 2626 java optional 
commons-javaflow_0.0~svn20151101-1.dsc
 8133fb4ce2d52aee89cc4b326e28 72164 java optional 
commons-javaflow_0.0~svn20151101.orig.tar.gz
 4ed24a28fb77e61b0bc59b835b84e2e8 3996 java optional 
commons-javaflow_0.0~svn20151101-1.debian.tar.xz

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJ8BAEBCgBmBQJXGeUCXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkIM4QALzcJu9D4uzC6Ef0OS8yNGBA
AQlAQh69ilt4+hBGhm/GjEEK2ySy8P/UimC/cK9SrsQDNppZPz8vLO3j5tfIvT4H
gMaTy434OJxezX6QT5bUyzIDD9oRLg9N8eMMBf+n2l9R7oIK9bLT3KAE6Qd3qFpD
5X7mTqloHh91KyPjhuVZV+ewjXHRAKEit05GqjXhOPFhPQgZKLSnMNF73TVd//0b
+fZJqu7QezkutiGTI9YbQ1V4W5E4Ak9hZZv4Xca9zIrkqgcHSnlBr85wtElD1rJN
kJAC6sV0zFAMZ/eYTI2JMw2+iv+wRHy5iwkKwsEH8bClxynmhwG7CH3c5Yu97ztR
FU48DfewQFuwLIUjYU0v/iZFsLpsJFWaSTE+YLrS1tFhqlpjyxUP0XjG+IZkTsbi
B825kSWxp504rp5eZjiqK6hZZKRM0xs3ud6ogTXc55JbzwCqFn25OUCss0797sPQ
HLZViwOK4rEAYyWJtV84SbvCwIcVXxnaaVg4PTf2o7Bf6z9HQqW4Hv4mPffvR0bE
tE53Zzjv2tTBfxoadGNtxLJu200a1iXNFuod7feiNUYVCksPUmi8zzLsi9nlFbZy
LOy6ekywNiqXxKsS6QwQS7MCnQc39Zz3B6tY6RaJf4DdUq83cUx1J/HkzxZ+FwQg
UPZDNHPPhcnLUNciBzcl
=IjUi
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of commons-javaflow_0.0~svn20151101-1_source.changes

[Debian FTP Masters]

commons-javaflow_0.0~svn20151101-1_source.changes uploaded successfully to 
localhost
along with the files:
  commons-javaflow_0.0~svn20151101-1.dsc
  commons-javaflow_0.0~svn20151101.orig.tar.gz
  commons-javaflow_0.0~svn20151101-1.debian.tar.xz

Greetings,

Your Debian queue daemon (running on host franck.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of commons-javaflow_0.0~svn20151101-1_source.changes

[Debian FTP Masters]

commons-javaflow_0.0~svn20151101-1_source.changes uploaded successfully to 
ftp-master.debian.org
along with the files:
  commons-javaflow_0.0~svn20151101-1.dsc
  commons-javaflow_0.0~svn20151101.orig.tar.gz
  commons-javaflow_0.0~svn20151101-1.debian.tar.xz

Greetings,

Your Debian queue daemon (running on host coccia.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of libjgoodies-animation-java_1.4.3-1_source.changes

[Debian FTP Masters]

libjgoodies-animation-java_1.4.3-1_source.changes uploaded successfully to 
localhost
along with the files:
  libjgoodies-animation-java_1.4.3-1.dsc
  libjgoodies-animation-java_1.4.3.orig.tar.xz
  libjgoodies-animation-java_1.4.3-1.debian.tar.xz

Greetings,

Your Debian queue daemon (running on host franck.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processing of libjgoodies-animation-java_1.4.3-1_source.changes

[Debian FTP Masters]

libjgoodies-animation-java_1.4.3-1_source.changes uploaded successfully to 
ftp-master.debian.org
along with the files:
  libjgoodies-animation-java_1.4.3-1.dsc
  libjgoodies-animation-java_1.4.3.orig.tar.xz
  libjgoodies-animation-java_1.4.3-1.debian.tar.xz

Greetings,

Your Debian queue daemon (running on host coccia.debian.org)

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.