ganymed-ssh2 250-3 MIGRATED to testing

2018-01-08 Thread Debian testing watch
FYI: The status of the ganymed-ssh2 source package in Debian's testing distribution has changed. Previous version: 250-2 Current version: 250-3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

Bug#885577: libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager

2018-01-08 Thread Markus Koschany
Hi, Am 08.01.2018 um 17:44 schrieb Salvatore Bonaccorso: [...] > So the patched files exits, and similar code flow is present. > > I explicitly have not looked (yet) at 4.0.2.GA which is in jessie (and > wheezy), just the 4.3.3 based versions in stable and unstable yet. > > What do you miss?

Bug#885577: libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager

2018-01-08 Thread Markus Koschany
Am 08.01.2018 um 13:32 schrieb Abhijith PA: > Hello. :) > > https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects > all 5.x version. But Debian haven't shipped this version yet. And > upstream patched files doesn't exist in 4.3.3 (version in Debian sid). > So could you please

Bug#885577: libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager

2018-01-08 Thread Salvatore Bonaccorso
Hey! On Mon, Jan 08, 2018 at 06:03:48PM +0100, Markus Koschany wrote: > Hi, > > Am 08.01.2018 um 17:44 schrieb Salvatore Bonaccorso: > [...] > > So the patched files exits, and similar code flow is present. > > > > I explicitly have not looked (yet) at 4.0.2.GA which is in jessie (and > >

tests.reproducible-builds.org/debian status changes for libxbean-java

2018-01-08 Thread Reproducible builds folks
2018-01-08 23:04 https://tests.reproducible-builds.org/debian/unstable/amd64/libxbean-java changed from FTBFS -> unreproducible __ This is the maintainer address of Debian's Java team . Please use

libj2ssh-java 0.2.9-5 MIGRATED to testing

2018-01-08 Thread Debian testing watch
FYI: The status of the libj2ssh-java source package in Debian's testing distribution has changed. Previous version: 0.2.9-4 Current version: 0.2.9-5 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

Bug#885577: libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager

2018-01-08 Thread Abhijith PA
Hello. :) https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects all 5.x version. But Debian haven't shipped this version yet. And upstream patched files doesn't exist in 4.3.3 (version in Debian sid). So could you please elaborate on how your research find 4.3.3 affected ? --

Bug#885577: libhibernate-validator-java: CVE-2017-7536: Privilege escalation when running under the security manager

2018-01-08 Thread Salvatore Bonaccorso
Hi Abhijith, hi Markus On Mon, Jan 08, 2018 at 04:01:17PM +0100, Markus Koschany wrote: > Am 08.01.2018 um 13:32 schrieb Abhijith PA: > > Hello. :) > > > > https://bugzilla.redhat.com/show_bug.cgi?id=1465573#c24 says it affects > > all 5.x version. But Debian haven't shipped this version yet. And