Package: src:glassfish Version: 1:2.1.1-b31g-3 Severity: serious Tags: security
Dear glassfish maintainers, Please determine whether and how glassfish as present in Debian is affected by CVE-2012-3155. Please adjust the severity of this bug accordingly. | Unspecified vulnerability in the CORBA ORB component in Sun GlassFish | Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and | Sun Java System Application Server 8.1 and 8.2 allows remote attackers | to affect availability, related to CORBA ORB. Oracle mentions it on this page: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html Ubuntu has classified the issue medium and affected thus far: http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-3155.html Neither Red Hat nor Gentoo track the issue at the time of this writing. Helmut __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.