Bug#1014597: libitext5-java: new version 5.5.13.3 addresses CVE-2021-43113
tony mancill
tmancill at debian.org
Sun Jul 10 18:55:57 BST 2022
Hello Thomas,
On Fri, Jul 08, 2022 at 04:00:20PM +0200, Thomas Uhle wrote:
> Package: libitext5-java
> Version: 5.5.13.2-1
> Severity: serious
> Tags: security upstream
> X-Debbugs-Cc: team at security.debian.org
> Control: found -1 5.5.13-1
>
> Dear maintainers,
>
> there is a new bugfix release upstream for iText 5. In particular, it
> addresses CVE-2021-43113. The new version 5.5.13.3 has been announced on
> Maven as well as on Github at https://github.com/itext/itextpdf/releases for
> instance. Please consider to also update the binary package for bullseye and
> perhaps for buster too.
Thank you for the bug report.
I am preparing an upload of 5.5.13.3 now.
> Could you please also pay attention to my other bug ticket #983715 and
> consider to package itext-xtra along with the other jar files, at least for
> bookworm.
I will take a look at this after the version update. Thank you for the
reminder.
Best regards,
tony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20220710/55b761cb/attachment.sig>
More information about the pkg-java-maintainers
mailing list