Your message dated Sun, 03 Dec 2017 22:34:48 +0000 with message-id <e1elcqw-000189...@fasolo.debian.org> and subject line Bug#800984: fixed in openid4java 1.0.0-1 has caused the Debian Bug report #800984, regarding openid4java: depends on obsolete libcommons-httpclient-java library to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 800984: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800984 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: openid4java Severity: normal User: pkg-java-maintainers@lists.alioth.debian.org Usertags: oldlibs libcommons-httpclient-java Hi, openid4java depends on libcommons-httpclient-java, which is obsolete and was replaced by libhttpclient-java. It has reached EOL status in 2011! It is no longer supported upstream [1] and was affected by multiple security issues in the recent past. openid4java should be ported to the new libhttpclient-java version, so that we can remove the old, unmaintained one. Please forward this issue upstream, if you can't migrate the package yourself. We would like to see libcommons-httpclient-java removed during the Stretch release cycle but due to the large number of reverse-dependencies the outcome depends more than ever on your help. Please help us to accomplish this goal. We will bump this issue to important when the list of rdeps is getting smaller and we think that the removal is possible. We will eventually raise the severity to serious when the number of rdeps is small. If you have any questions don't hesitate to ask and contact us on debian-j...@list.debian.org Regards, Markus [1] https://hc.apache.org/httpclient-3.x/ [2] https://security-tracker.debian.org/tracker/source-package/commons-httpclient
--- End Message ---
--- Begin Message ---Source: openid4java Source-Version: 1.0.0-1 We believe that the bug you reported is fixed in the latest version of openid4java, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 800...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Emmanuel Bourg <ebo...@apache.org> (supplier of updated openid4java package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 03 Dec 2017 23:16:41 +0100 Source: openid4java Binary: libopenid4java-java Architecture: source Version: 1.0.0-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebo...@apache.org> Description: libopenid4java-java - This library allows you to OpenID-enable your Java webapp Closes: 800984 871880 875776 Changes: openid4java (1.0.0-1) unstable; urgency=medium . * Team upload. . [ Miguel Landaeta ] * Remove myself from uploaders list. (Closes: #871880) * Bump DH compat level to 10. * Wrap and sort dependencies lists. * Update copyright info. . [ Emmanuel Bourg ] * New upstream release - Removed the dependency on libcommons-httpclient-java (Closes: #800984) * Build with Maven instead of Ant * Removed the -java-doc package (Closes: #875776) * Standards-Version updated to 4.1.1 Checksums-Sha1: 32e7874a72e89b3fb626c4144f1f5293ec1a7f2c 2316 openid4java_1.0.0-1.dsc 520081b6cfe344a59f3d0ceed13f2ca88ea0c07b 170548 openid4java_1.0.0.orig.tar.xz abf269e5176ef0b4cdb2f6df76f3931f7e7b1b7a 4756 openid4java_1.0.0-1.debian.tar.xz 44f70044d19b7fc484ee25da43e5bc9fd369a2d8 15511 openid4java_1.0.0-1_source.buildinfo Checksums-Sha256: 7e1d63393c0cfa234511956a7d233bb7f4b01b3f8f7176945423dfa6a71b8d54 2316 openid4java_1.0.0-1.dsc 6b5c3eed37d77ef1f76ed803a4efccbfe3c279bd658db2c80865d70d7dfafd4c 170548 openid4java_1.0.0.orig.tar.xz 71c77a64294386d81852f4150c66757c8ec3613c8c6eed5a4c71e422bbdcee6c 4756 openid4java_1.0.0-1.debian.tar.xz 4c5ff79dd574623016eeabb6c7dc99adbbf92358c225e95866cf03970681ca40 15511 openid4java_1.0.0-1_source.buildinfo Files: f6a27a2da39f671cac479f8b1094cec6 2316 java optional openid4java_1.0.0-1.dsc 2768725b6ac23d7c0feac957496ce8ea 170548 java optional openid4java_1.0.0.orig.tar.xz cc65bf3d7a23debcbc54a0ef445e30d4 4756 java optional openid4java_1.0.0-1.debian.tar.xz 64ce42a4d044a8984d82473d8af60a9f 15511 java optional openid4java_1.0.0-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAlokeCwSHGVib3VyZ0Bh cGFjaGUub3JnAAoJEPUTxBnkudCswuEQAL6T5CSjd/GcNEqstF7BAhYGxqXGBAxL drm0k7Ct/0MZIMWYba1sRLow37ZQ6M4jIoIk9vPJecIvyul27jbL6AqYDlpU21EY 64mACWDzADPMj/VUQVVRZikw4AMcBd/G/mK4lzYT09DPWZbDysEEiw/wwrIc9qHF nm8pOCI/vhclLXbWrxsCxZIF+2Fu4hWgi4ULonaRhZU3/tRleoNPJQrJJVXK3TOE w+y4vqU/9IjMFIuYy+yrgkbbiJjzHsULr4saVouRfc6/14B3FX2B2xrXlLWHBbvk 0EbS7cNGH40hLGXoOva8mgmC0MpupmvhXSJK9tuF+anYzx7psu1WekjmvjOmW1O2 ZgOELUhF7cRiLr/cg6aRYvGCd5Xk23UmnfVpOzjnuh9mN6FxsT4aSUWCx8FvlGpW kVLaNXEz1Ty3phq+2KRDyXyug0yJiHy0qDdlJcys8aQOM3tubtAbG2iXi42VeWg/ 6vDCfy46gMkETpht6LR1kXGrYkysWUh+KlI8kxRTclM/SuywThq7UT6+z0LpfyTf ugl7n2YgThhXwPboEWfd8J0xKQzYJj9kTUFsnyX3sSENIrfYuBAVeVAnRWg17lUa aegmp5iJycFl/DsgHWBm4tINaSwPoCzgXn/3tfOmJVkP70mb2yNciNf7hBKfF1Ol Dv9OP+qNnC7X =eeLV -----END PGP SIGNATURE-----
--- End Message ---
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
