Source: libxalan2-java Severity: grave Tags: security upstream fixed-upstream
Hi, the following vulnerability was published for libxalan2-java, could you please verify. CVE-2014-0107[0]: Xalan-Java insufficient secure processing If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2014-0107 [1] https://issues.apache.org/jira/browse/XALANJ-2435 [2] https://svn.apache.org/viewvc?view=revision&revision=1581058 [3] http://www.ocert.org/advisories/ocert-2014-002.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.