xmlbeans_2.6.0-4_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 20 Feb 2016 08:49:20 +0200 Source: xmlbeans Binary: libxmlbeans-java xmlbeans Architecture: source all Version: 2.6.0-4 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of xmlbeans_2.6.0-4_amd64.changes

xmlbeans_2.6.0-4_amd64.changes uploaded successfully to localhost along with the files: xmlbeans_2.6.0-4.dsc xmlbeans_2.6.0-4.debian.tar.xz libxmlbeans-java_2.6.0-4_all.deb xmlbeans_2.6.0-4_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This

reproducible.debian.net status changes for robocode

2016-02-19 21:07 https://tests.reproducible-builds.org/unstable/amd64/robocode changed from reproducible -> FTBFS __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.debian.org for

libglazedlists-java 1.9.0+dfsg-2 MIGRATED to testing

FYI: The status of the libglazedlists-java source package in Debian's testing distribution has changed. Previous version: 1.9.0+dfsg-1 Current version: 1.9.0+dfsg-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times

plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Feb 2016 16:57:41 +0100 Source: plexus-bsh-factory Binary: libplexus-bsh-factory-java Architecture: source all Version: 1.0~alpha7-3.1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Bug#700610: bsh (BeanShell) security vulnerability (CVE-2016-2510)

Hi, thanks. I agree that this is a general Java issue in any application using serialization - the vulnerability attack vector would just move to less common libraries (we point this out in the release notes). Also I must admit for me it was a bit confuising at first to learn about how a

Processing of plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes

plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes uploaded successfully to localhost along with the files: plexus-bsh-factory_1.0~alpha7-3.1.dsc plexus-bsh-factory_1.0~alpha7-3.1.debian.tar.xz libplexus-bsh-factory-java_1.0~alpha7-3.1_all.deb Greetings, Your Debian queue daemon

Bug#700610: bsh (BeanShell) security vulnerability (CVE-2016-2510)

Hi Stian, Thank you for the notice. Technically this isn't a vulnerability in bsh though, the issue is any application deserializing untrusted data without sanitizing it and having bsh on the classpath. I'm not aware of such applications in Debian, but if there is one it should be fixed in

Bug#700610: Fwd: bsh (BeanShell) security vulnerability (CVE-2016-2510)

-- Forwarded message -- From: Stian Soiland-Reyes Date: 19 February 2016 at 12:10 Subject: bsh (BeanShell) security vulnerability (CVE-2016-2510) To: t...@security.debian.org, debian-j...@lists.debian.org Hi, BeanShell aka bsh has released a security fix

maven-debian-helper_2.0.5_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Feb 2016 12:07:43 +0100 Source: maven-debian-helper Binary: maven-debian-helper Architecture: source all Version: 2.0.5 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of maven-debian-helper_2.0.5_amd64.changes

maven-debian-helper_2.0.5_amd64.changes uploaded successfully to localhost along with the files: maven-debian-helper_2.0.5.dsc maven-debian-helper_2.0.5.tar.xz maven-debian-helper_2.0.5_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This is the

Bug#815137: Release 56.1 Is Available

Source: icu4j Version: 4.2.1.1-3 Severity: wishlist The Android Frameworks for developing Android applications depends on icu4j-56, please update this source package to at least 56. Better to avoid creating another libicu4j-56-java :( Would be better if it is migrated to Git. __ This is the