I think this also needs to be a security update in wheezy and jessie. What are
the plans for that?
signature.asc
Description: OpenPGP digital signature
__
This is the maintainer address of Debian's Java team
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers.
Please
Package: maven
Version: 3.0.4-3
Severity: grave
Tags: security
By default, maven versions before v3.2.3 downloads from Maven Central using
plain HTTP and do not check any kind of signature on the code before running
it. This is a very bad situation, making it quite easy for malicious actors
take
I just tried to build lombok-patcher on my sid chroot, and it built
fine. This whole lombok group of packages has a bunch of circular deps,
could it be that liblombok-java was out of date on your machine? I
think that lombok-patcher and/or maybe ivyplusplus need to have
versioned Build-Depends
Markus Koschany:
> On Wed, 15 Nov 2017 18:01:07 +0200 Adrian Bunk wrote:
> [...]
>> I tried to sort out what I could find as required for getting the
>> ancient eclipse out of testing in [1]:
>>
>> 1. src:bnd
>> You fixed that already.
>>
>> 2. batik -> maven -> guice ->
4 matches
Mail list logo