Bug#858914: CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver

On Tue, Mar 28, 2017 at 05:48:16PM +0200, Markus Koschany wrote: > Control: forcemerge 857343 858914 > > Am 28.03.2017 um 17:38 schrieb Guido Günther: > > Package: logback > > Severity: grave > > Tags: security > > > > Hi, > > > > the following vulnerability was published for logback. > > > >

Bug#858914: CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver

Control: forcemerge 857343 858914 Am 28.03.2017 um 17:38 schrieb Guido Günther: > Package: logback > Severity: grave > Tags: security > > Hi, > > the following vulnerability was published for logback. > > CVE-2017-5929[0]: > | QOS.ch Logback before 1.2.0 has a serialization vulnerability

Processed (with 1 error): Re: Bug#858914: CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver

Processing control commands: > forcemerge 857343 858914 Bug #857343 [liblogback-java] logback: CVE-2017-5929: serialization vulnerability affecting the SocketServer and ServerSocketReceiver components Unable to merge bugs because: package of #858914 is 'logback' not 'liblogback-java' Failed to

Bug#858914: CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver

Package: logback Severity: grave Tags: security Hi, the following vulnerability was published for logback. CVE-2017-5929[0]: | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting | the SocketServer and ServerSocketReceiver components. If you fix the vulnerability please