Bug#815137: Release 56.1 Is Available

2016-02-19 Thread 殷啟聰
Source: icu4j Version: 4.2.1.1-3 Severity: wishlist The Android Frameworks for developing Android applications depends on icu4j-56, please update this source package to at least 56. Better to avoid creating another libicu4j-56-java :( Would be better if it is migrated to Git. __ This is the

Processing of maven-debian-helper_2.0.5_amd64.changes

2016-02-19 Thread Debian FTP Masters
maven-debian-helper_2.0.5_amd64.changes uploaded successfully to localhost along with the files: maven-debian-helper_2.0.5.dsc maven-debian-helper_2.0.5.tar.xz maven-debian-helper_2.0.5_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This is the

maven-debian-helper_2.0.5_amd64.changes ACCEPTED into unstable

2016-02-19 Thread Debian FTP Masters
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Feb 2016 12:07:43 +0100 Source: maven-debian-helper Binary: maven-debian-helper Architecture: source all Version: 2.0.5 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

Bug#700610: Fwd: bsh (BeanShell) security vulnerability (CVE-2016-2510)

2016-02-19 Thread Stian Soiland-Reyes
-- Forwarded message -- From: Stian Soiland-Reyes Date: 19 February 2016 at 12:10 Subject: bsh (BeanShell) security vulnerability (CVE-2016-2510) To: t...@security.debian.org, debian-j...@lists.debian.org Hi, BeanShell aka bsh has released a security fix

Bug#700610: bsh (BeanShell) security vulnerability (CVE-2016-2510)

2016-02-19 Thread Emmanuel Bourg
Hi Stian, Thank you for the notice. Technically this isn't a vulnerability in bsh though, the issue is any application deserializing untrusted data without sanitizing it and having bsh on the classpath. I'm not aware of such applications in Debian, but if there is one it should be fixed in

Processing of plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes

2016-02-19 Thread Debian FTP Masters
plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes uploaded successfully to localhost along with the files: plexus-bsh-factory_1.0~alpha7-3.1.dsc plexus-bsh-factory_1.0~alpha7-3.1.debian.tar.xz libplexus-bsh-factory-java_1.0~alpha7-3.1_all.deb Greetings, Your Debian queue daemon

Bug#700610: bsh (BeanShell) security vulnerability (CVE-2016-2510)

2016-02-19 Thread Stian Soiland-Reyes
Hi, thanks. I agree that this is a general Java issue in any application using serialization - the vulnerability attack vector would just move to less common libraries (we point this out in the release notes). Also I must admit for me it was a bit confuising at first to learn about how a

plexus-bsh-factory_1.0~alpha7-3.1_amd64.changes ACCEPTED into unstable

2016-02-19 Thread Debian FTP Masters
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Feb 2016 16:57:41 +0100 Source: plexus-bsh-factory Binary: libplexus-bsh-factory-java Architecture: source all Version: 1.0~alpha7-3.1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers

libglazedlists-java 1.9.0+dfsg-2 MIGRATED to testing

2016-02-19 Thread Debian testing watch
FYI: The status of the libglazedlists-java source package in Debian's testing distribution has changed. Previous version: 1.9.0+dfsg-1 Current version: 1.9.0+dfsg-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times

reproducible.debian.net status changes for robocode

2016-02-19 Thread Reproducible builds folks
2016-02-19 21:07 https://tests.reproducible-builds.org/unstable/amd64/robocode changed from reproducible -> FTBFS __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.debian.org for

Processing of xmlbeans_2.6.0-4_amd64.changes

2016-02-19 Thread Debian FTP Masters
xmlbeans_2.6.0-4_amd64.changes uploaded successfully to localhost along with the files: xmlbeans_2.6.0-4.dsc xmlbeans_2.6.0-4.debian.tar.xz libxmlbeans-java_2.6.0-4_all.deb xmlbeans_2.6.0-4_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This

xmlbeans_2.6.0-4_amd64.changes ACCEPTED into unstable

2016-02-19 Thread Debian FTP Masters
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sat, 20 Feb 2016 08:49:20 +0200 Source: xmlbeans Binary: libxmlbeans-java xmlbeans Architecture: source all Version: 2.6.0-4 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers