[logback] 02/02: Update changelog
Markus Koschany
apo at moszumanska.debian.org
Tue Mar 28 15:55:49 UTC 2017
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch master
in repository logback.
commit 4d797c4bb7ce09d4981ce61bf7ddd109ef92ebf5
Author: Markus Koschany <apo at debian.org>
Date: Tue Mar 28 15:04:46 2017 +0200
Update changelog
---
debian/changelog | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index cd0db1e..2b5fd61 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+logback (1:1.1.9-2) unstable; urgency=medium
+
+ * Team upload.
+ * Fix CVE-2017-5929:
+ It was discovered that logback, a flexible logging library for Java, would
+ deserialize data from untrusted sockets. This issue has been resolved by
+ adding a whitelist to use only trusted classes. (Closes: #857343)
+ Thanks to Fabrice Dagorn for the report.
+
+ -- Markus Koschany <apo at debian.org> Tue, 28 Mar 2017 17:22:37 +0200
+
logback (1:1.1.9-1) unstable; urgency=medium
* Team upload.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/logback.git
More information about the pkg-java-commits
mailing list