Bug#857343: marked as done (logback: CVE-2017-5929: serialization vulnerability affecting the SocketServer and ServerSocketReceiver components)

Your message dated Tue, 04 Apr 2017 14:49:44 + with message-id and subject line Bug#857343: fixed in logback 1:1.1.9-3 has caused the Debian Bug report #857343, regarding logback: CVE-2017-5929: serialization vulnerability affecting the SocketServer and

Bug#858914: marked as done (CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver)

Your message dated Tue, 04 Apr 2017 14:49:44 + with message-id and subject line Bug#857343: fixed in logback 1:1.1.9-3 has caused the Debian Bug report #857343, regarding CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver

logback_1.1.9-3_source.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 04 Apr 2017 14:49:44 +0200 Source: logback Binary: liblogback-java liblogback-java-doc Architecture: source Version: 1:1.1.9-3 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Processing of logback_1.1.9-3_source.changes

logback_1.1.9-3_source.changes uploaded successfully to localhost along with the files: logback_1.1.9-3.dsc logback_1.1.9-3.debian.tar.xz logback_1.1.9-3_amd64.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) __ This is the maintainer address of

Bug#857343: closed by Markus Koschany <a...@debian.org> (Bug#857343: fixed in logback 1:1.1.9-2)

Am 01.04.2017 um 08:20 schrieb Fabrice Dagorn: > The POC is a simple Eclipse java project. > > UnsafeReceiver will open a ServerSocketReceiver on port and wait > forever. > > Injector will then open a client Socket to the ServerSocketReceiver and > serialize a Calculator instance through

libpedantic-clojure_0.2.0-1_all.changes REJECTED

Embeds quite a few unreferenced/unattributed files in docs/uberdoc.html. There might be more; please check over your entire package :) -- Chris Lamb Tue, 04 Apr 2017 09:05:23 + === Please feel free to respond to this email if you don't understand why your files

Bug#859004: Bug#859001: Let's remove BrowserLauncher from Stretch

On 03/30/2017 04:30 PM, Ole Streicher wrote: One question here: the tutorial [1] says "Use the isDesktopSupported() method to determine whether the Desktop API is available. On the Solaris Operating System and the Linux platform, this API is dependent on Gnome libraries. If those libraries are

Bug#859005: Bug#859001: Let's remove BrowserLauncher from Stretch

Hi Emmanuel, Am 04.04.2017 um 10:52 schrieb Emmanuel Bourg: > Excellent question, this needs some testing with various desktop > environments. I wrote a short test script and run it under Stretch and Jessie chroots, right after (jessie)oles@donar:~$ sudo apt install default-jre

Bug#631991: libmaven-ant-tasks-java is missing all its dependencies.

On 04/03/2017 08:26 PM, Adrian Bunk wrote: Missing dependencies are considered RC. Adding ${maven:Depends} to Depends adds dependencies that look correct, but someone should double-check whether this is the correct fix. Actually the dependencies are embedded in the jar generated, so there is