lombok is marked for autoremoval from testing

lombok 1.16.18+ds-3 is marked for autoremoval from testing on 2018-09-30 It (build-)depends on packages with these RC bugs: 906366: ivyplusplus: FTBFS in buster/sid 906383: lombok-patcher: FTBFS in buster/sid __ This is the maintainer address of Debian's Java team

lombok-patcher is marked for autoremoval from testing

lombok-patcher 0.22-2 is marked for autoremoval from testing on 2018-09-30 It is affected by these RC bugs: 906383: lombok-patcher: FTBFS in buster/sid It (build-)depends on packages with these RC bugs: 906366: ivyplusplus: FTBFS in buster/sid __ This is the maintainer address of Debian's Java

ivyplusplus is marked for autoremoval from testing

ivyplusplus 1.14-5 is marked for autoremoval from testing on 2018-09-30 It is affected by these RC bugs: 906366: ivyplusplus: FTBFS in buster/sid It (build-)depends on packages with these RC bugs: 906383: lombok-patcher: FTBFS in buster/sid __ This is the maintainer address of Debian's Java tea

libitext5-java is marked for autoremoval from testing

libitext5-java 5.5.6-4 is marked for autoremoval from testing on 2018-09-30 It is affected by these RC bugs: 906375: libitext5-java: FTBFS in buster/sid (method marshal in class org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature cannot be applied to given types) __ This is the maintainer add

lombok-ast is marked for autoremoval from testing

lombok-ast 0.2+ds-3 is marked for autoremoval from testing on 2018-09-15 It is affected by these RC bugs: 906382: lombok-ast: FTBFS in buster/sid It (build-)depends on packages with these RC bugs: 906366: ivyplusplus: FTBFS in buster/sid 906383: lombok-patcher: FTBFS in buster/sid __ This is th

bookkeeper is marked for autoremoval from testing

bookkeeper 4.4.0-1 is marked for autoremoval from testing on 2018-09-15 It is affected by these RC bugs: 906340: bookkeeper: FTBFS in buster/sid (Could not resolve dependencies for project org.apache.bookkeeper:bookkeeper-server:jar:4.4.0) __ This is the maintainer address of Debian's Java team

obantoo is marked for autoremoval from testing

obantoo 2.1.12+ds1-1 is marked for autoremoval from testing on 2018-09-30 It (build-)depends on packages with these RC bugs: 906375: libitext5-java: FTBFS in buster/sid (method marshal in class org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature cannot be applied to given types) __ This is th

jabref is marked for autoremoval from testing

jabref 3.8.2+ds-6 is marked for autoremoval from testing on 2018-09-15 It is affected by these RC bugs: 906367: jabref: FTBFS in buster/sid __ This is the maintainer address of Debian's Java team . Please use debian-

hibiscus is marked for autoremoval from testing

hibiscus 2.8.3+dfsg-2 is marked for autoremoval from testing on 2018-09-30 It (build-)depends on packages with these RC bugs: 906375: libitext5-java: FTBFS in buster/sid (method marshal in class org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature cannot be applied to given types) __ This is t

bintray-client-java is marked for autoremoval from testing

bintray-client-java 0.8.1-3 is marked for autoremoval from testing on 2018-09-15 It is affected by these RC bugs: 906336: bintray-client-java: FTBFS in buster/sid __ This is the maintainer address of Debian's Java team

byte-buddy is marked for autoremoval from testing

byte-buddy 1.7.11-1 is marked for autoremoval from testing on 2018-09-15 It is affected by these RC bugs: 906342: byte-buddy: FTBFS in buster/sid (Cannot find parent dependency net.bytebuddy:byte-buddy-parent:pom:debian) It (build-)depends on packages with these RC bugs: 906366: ivyplusplus: FTB

kdgcommons-java: status change on tests.reproducible-builds.org/debian

2018-08-24 23:22 https://tests.reproducible-builds.org/debian/unstable/amd64/kdgcommons-java changed from reproducible -> FTBFS __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.d

Bug#898935: marked as done (tomcat8: CVE-2018-8014: The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials')

Your message dated Sat, 25 Aug 2018 00:13:27 +0200 with message-id and subject line Re: Bug#898935: migrate fix to stretch security has caused the Debian Bug report #898935, regarding tomcat8: CVE-2018-8014: The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enab

Bug#898935: Tomcat 8 security issues in Stretch

A security update has been sent to Debian's security team and we expect that the current open issues in Stretch will be fixed in due time. Please note that Tomcat 7 in Stretch is not vulnerable to any of those issues because we only build the servlet API. Regards, Markus signature.asc Descript

Bug#898935: migrate fix to stretch security

Version: 8.5.32-1 This issue was fixed in 8.5.32-1. I am going to close this bug report now. Markus signature.asc Description: OpenPGP digital signature __ This is the maintainer address of Debian's Java team . Ple

Bug#828451: netty fix released, netty-tcnative patch accepted

On Mon, May 28, 2018 at 05:59:08PM +0200, Emilio Pozuelo Monfort wrote: > On Tue, 17 Apr 2018 20:55:00 +0200 Emilio Pozuelo Monfort > wrote: > > On Wed, 24 Jan 2018 11:07:19 + deb...@fau.xxx wrote: > > > Upstream have accepted both patches. netty 4.1.20 has been released, > > > which will run

Bug#906411:

The underlying cause seems to be a fix in maven-shared-utils 3.2, which was uploaded recently. The fix MSHARED-610 [1] seems to have exposed IOException that were previously being ignored, so surefire now needs to be updated to handle those. I have opened a bug report upstream (SUREFIRE-1558 [2])

jetty9_9.2.21-1+deb9u1_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 19 Jul 2018 23:50:37 +0200 Source: jetty9 Binary: libjetty9-java libjetty9-extra-java jetty9 Architecture: source all Version: 9.2.21-1+deb9u1 Distribution: stretch-security Urgency: medium Maintainer: Debian Java

Bug#898935: migrate fix to stretch security

Am 24.08.2018 um 09:30 schrieb Bogdan Veringioiu: > Hello all, > > is there any plan to migrate the fix to stretch security ? > > I would be interested in the fixes for CVE-2018-1304, CVE-2018-1305 > (resolved in 7.0.88, and in 8.5.32-1 testing) which are important for a > security certification

Bug#907147: jetty9: FTBFS in buster/sid (Failed to execute goal on project jetty-jaspi)

Package: src:jetty9 Version: 9.2.25-1 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package in buster but it failed: [...] debian/rules build-indep dh build-indep --with javahelper dh_upda

Bug#898935: migrate fix to stretch security

Hello all, is there any plan to migrate the fix to stretch security ? I would be interested in the fixes for CVE-2018-1304, CVE-2018-1305 (resolved in 7.0.88, and in 8.5.32-1 testing) which are important for a security certification (PCI) on our stretch machines. Thank you, -- Bogdan Vering