Dear glassfish maintainers,
Please determine whether and how glassfish as present in Debian is
affected by CVE-2012-3155. Please adjust the severity of this bug
| Unspecified vulnerability in the CORBA
In the version above the common name match of the certificate check was
rewritten. So the versions in squeeze and wheezy are not affected. The
rewritten version contains a bug (uses length of wrong object) and
Package: jenkins-external-job-monitor, libjenkins-java
Those packages share 99% of their data which basically boils down to
both of them shipping jenkins-core-1.447.2.jar. Would it be possible
to turn libjenkins-java into a dependency of
The findbugs package contains an excellent opportunity to reduce space
on the mirrors and installations. The findbugs.jar, which makes up
almost half of the package, is shipped twice in the binary package.
Can you replace
+ -- Helmut Grohne hel...@subdivi.de Mon, 09 Jun 2014 14:22:09 +0200
yui-compressor (2.4.7-1) unstable; urgency=low
* New upstream release.
diff -Nru yui-compressor-2.4.7/debian/control
--- yui-compressor-2.4.7/debian/control 2012-05-12 23:05
On Mon, Oct 03, 2016 at 11:13:13AM +0200, Emmanuel Bourg wrote:
> What is the expected contract for a package providing ruby-interpreter?
I wish I could tell. Judging from
https://wiki.debian.org/Teams/Ruby/Packaging, it seems that
ruby-interpreter requires /usr/bin/ruby. Not sure how official
Justification: policy 3.5
Please consider the following interaction with a fresh sid chroot:
# apt-get install -y --no-install-recommends jruby
# apt-get install --no-install-recommends rake
On Mon, Oct 03, 2016 at 04:46:11PM -0700, tony mancill wrote:
> I agree with Helmut's suggestion that jruby should drop the Provides.
> Even if there are contexts in which jruby could act as a ruby
> interpreter, I don't think we should encourage our users to use it
> when we have ruby available.
Mail list logo