Bug#921772: CVE-2018-1000652

2019-04-12 Thread Salvatore Bonaccorso
Hi Tony, On Thu, Apr 11, 2019 at 10:20:32PM -0700, tony mancill wrote: > On Fri, Feb 08, 2019 at 11:37:20PM +0100, Moritz Muehlenhoff wrote: > > Package: jabref > > Severity: grave > > Tags: security > > > > This was assigned CVE-2018-1000652: > > https://github.com/JabRef/jabref/issues/4229 > >

Bug#921772: CVE-2018-1000652

2019-04-11 Thread tony mancill
On Fri, Feb 08, 2019 at 11:37:20PM +0100, Moritz Muehlenhoff wrote: > Package: jabref > Severity: grave > Tags: security > > This was assigned CVE-2018-1000652: > https://github.com/JabRef/jabref/issues/4229 > https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e Hello

Bug#921772: CVE-2018-1000652

2019-02-09 Thread gregor herrmann
On Sat, 09 Feb 2019 09:47:08 -0800, tony mancill wrote: > > Seems like we either need a new build dependency, or remove the > > logging part, or rewrite it … I'd be grateful for help from Java > > experts :) > Thank you for doing this. I guess upstream switched out the logging > implementation

Bug#921772: CVE-2018-1000652

2019-02-09 Thread tony mancill
On Sat, Feb 09, 2019 at 01:11:52AM +0100, gregor herrmann wrote: > On Fri, 08 Feb 2019 23:37:20 +0100, Moritz Muehlenhoff wrote: > > > This was assigned CVE-2018-1000652: > > https://github.com/JabRef/jabref/issues/4229 > >

Bug#921772: CVE-2018-1000652

2019-02-08 Thread gregor herrmann
On Fri, 08 Feb 2019 23:37:20 +0100, Moritz Muehlenhoff wrote: > This was assigned CVE-2018-1000652: > https://github.com/JabRef/jabref/issues/4229 > https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e Thanks Moritz. I've added a slightly adjusted and trimmed-down

Bug#921772: CVE-2018-1000652

2019-02-08 Thread Moritz Muehlenhoff
Package: jabref Severity: grave Tags: security This was assigned CVE-2018-1000652: https://github.com/JabRef/jabref/issues/4229 https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e Cheers, Moritz