easybind is marked for autoremoval from testing

easybind 1.0.3-1 is marked for autoremoval from testing on 2017-01-31 It is affected by these RC bugs: 849930: easybind: FTBFS (Cannot find pom file easybind.pom) __ This is the maintainer address of Debian's Java team

Bug#850774: libclojure-java: fails to upgrade squeeze -> wheezy -> jessie -> stretch

Package: libclojure-java Version: 1.8.0-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: affects -1 + clojure Hi, during a test with piuparts I noticed your package fails to upgrade from 'squeeze' to 'wheezy' to 'jessie' to 'stretch'. It installed fine in

Processed: libclojure-java: fails to upgrade squeeze -> wheezy -> jessie -> stretch

Processing control commands: > affects -1 + clojure Bug #850774 [libclojure-java] libclojure-java: fails to upgrade squeeze -> wheezy -> jessie -> stretch Added indication that 850774 affects clojure -- 850774: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850774 Debian Bug Tracking System

Bug#793770: marked as done (Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156))

Your message dated Tue, 10 Jan 2017 01:03:29 + with message-id and subject line Bug#793770: fixed in netty-3.9 3.9.9.Final-1 has caused the Debian Bug report #793770, regarding Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156) to be

netty-3.9_3.9.9.Final-1_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 10 Jan 2017 00:01:59 +0100 Source: netty-3.9 Binary: libnetty-3.9-java Architecture: source all Version: 3.9.9.Final-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of netty-3.9_3.9.9.Final-1_amd64.changes

netty-3.9_3.9.9.Final-1_amd64.changes uploaded successfully to localhost along with the files: netty-3.9_3.9.9.Final-1.dsc netty-3.9_3.9.9.Final.orig.tar.xz netty-3.9_3.9.9.Final-1.debian.tar.xz libnetty-3.9-java_3.9.9.Final-1_all.deb netty-3.9_3.9.9.Final-1_amd64.buildinfo Greetings,

reproducible.debian.net status changes for tika

2017-01-09 23:47 https://tests.reproducible-builds.org/debian/unstable/amd64/tika changed from reproducible -> FTBFS __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.debian.org

Bug#793770: Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156)

Le 9/01/2017 à 23:37, Moritz Muehlenhoff a écrit : > This is unfixed with a patch for nearly 1.5 years, can we please get this > fixed for the stretch release. Hi Moritz, Thank you for the reminder. The fix was backported in the version 3.9.7. I'll update the package to the latest 3.9.x

Processed: Re: Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156)

Processing commands for cont...@bugs.debian.org: > severity 793770 grave Bug #793770 [src:netty-3.9] Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156) Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. --

Bug#793770: Cookie parsing bug may lead to 'HttpOnly' cookie bypass (CVE-2015-2156)

severity 793770 grave thanks On Mon, Jul 27, 2015 at 11:51:53AM +0200, Luca Bruno wrote: > Source: netty-3.9 > Version: 3.9.0.Final-1 > Severity: important > Tags: security upstream patch > > LinkedIn Security Team discovered a "Cookie" header parsing bug in Netty > that could lead to universal

Bug#820943: marked as done (libpostgresql-jdbc-java: Please default to JDBC4)

Your message dated Mon, 09 Jan 2017 19:21:09 + with message-id and subject line Bug#820943: fixed in libpgjava 9.4.1212-1 has caused the Debian Bug report #820943, regarding libpostgresql-jdbc-java: Please default to JDBC4 to be marked as done. This means

Bug#820942: marked as done (libpostgresql-jdbc-java: NonValidatingFactory missing from JDBC3 driver)

Your message dated Mon, 09 Jan 2017 19:21:09 + with message-id and subject line Bug#820942: fixed in libpgjava 9.4.1212-1 has caused the Debian Bug report #820942, regarding libpostgresql-jdbc-java: NonValidatingFactory missing from JDBC3 driver to be

Bug#783456: marked as done (libpostgresql-jdbc-java: please clarify version compatibility in package descriptions)

Your message dated Mon, 09 Jan 2017 19:21:09 + with message-id and subject line Bug#783456: fixed in libpgjava 9.4.1212-1 has caused the Debian Bug report #783456, regarding libpostgresql-jdbc-java: please clarify version compatibility in package

Bug#813365: marked as done (libpgjava: Driver is outdated, there are new versions upstream, please upgrade.)

Your message dated Mon, 09 Jan 2017 19:21:09 + with message-id and subject line Bug#813365: fixed in libpgjava 9.4.1212-1 has caused the Debian Bug report #813365, regarding libpgjava: Driver is outdated, there are new versions upstream, please upgrade.

libpgjava_9.4.1212-1_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 09 Jan 2017 19:54:54 +0100 Source: libpgjava Binary: libpostgresql-jdbc-java libpostgresql-jdbc-java-doc Architecture: source all Version: 9.4.1212-1 Distribution: unstable Urgency: medium Maintainer: Debian Java

Processing of libpgjava_9.4.1212-1_amd64.changes

libpgjava_9.4.1212-1_amd64.changes uploaded successfully to localhost along with the files: libpgjava_9.4.1212-1.dsc libpgjava_9.4.1212.orig.tar.xz libpgjava_9.4.1212-1.debian.tar.xz libpgjava_9.4.1212-1_amd64.buildinfo libpostgresql-jdbc-java-doc_9.4.1212-1_all.deb

Bug#783456: Pending fixes for bugs in the libpostgresql-jdbc-java package

tag 783456 + pending thanks Some bugs in the libpostgresql-jdbc-java package are closed in revision 7cb5550de838879024225cc9ee732a259e34b351 in branch 'master' by Emmanuel Bourg The full diff can be seen at https://anonscm.debian.org/cgit/pkg-java/libpostgresql-jdbc-java.git/commit/?id=7cb5550

Processed: Pending fixes for bugs in the libpostgresql-jdbc-java package

Processing commands for cont...@bugs.debian.org: > tag 783456 + pending Bug #783456 [libpostgresql-jdbc-java] libpostgresql-jdbc-java: please clarify version compatibility in package descriptions Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance.

Processed: Pending fixes for bugs in the libpostgresql-jdbc-java package

Processing commands for cont...@bugs.debian.org: > tag 820943 + pending Bug #820943 [libpostgresql-jdbc-java] libpostgresql-jdbc-java: Please default to JDBC4 Added tag(s) pending. > tag 820942 + pending Bug #820942 [libpostgresql-jdbc-java] libpostgresql-jdbc-java: NonValidatingFactory missing

Bug#820943: Pending fixes for bugs in the libpostgresql-jdbc-java package

tag 820943 + pending tag 820942 + pending thanks Some bugs in the libpostgresql-jdbc-java package are closed in revision 79263c1288ce81dae9c92cee2dc11cac1f0a8986 in branch 'master' by Emmanuel Bourg The full diff can be seen at

Bug#850700: sid/stretch version depends on servlet-api-2.5.jar

Hi Chris, Thank you for spotting this issue. The Servlet API shouldn't be listed in the Class-Path attribute since this dependency is provided by the Servlet container. Why do you think this is a serious issue? How does this affect your application? Emmanuel Bourg __ This is the maintainer

Bug#850700: sid/stretch version depends on servlet-api-2.5.jar

Package: libresteasy-java Version: 3.0.19-2 Severity: serious Dear maintainer, The META-INF/MANIFEST.MF of the JAR files in this package state that this package depends on servlet-api-2.5.jar which has now been removed from testing/stretch and unstable/sid: Class-Path:

libminlog-java_1.3.0-1_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 09 Jan 2017 10:17:03 +0100 Source: libminlog-java Binary: libminlog-java libminlog-java-doc Architecture: source all Version: 1.3.0-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of libminlog-java_1.3.0-1_amd64.changes

libminlog-java_1.3.0-1_amd64.changes uploaded successfully to localhost along with the files: libminlog-java_1.3.0-1.dsc libminlog-java_1.3.0.orig.tar.xz libminlog-java_1.3.0-1.debian.tar.xz libminlog-java-doc_1.3.0-1_all.deb libminlog-java_1.3.0-1_all.deb