Bug#456148: Current upstream fix for CVE-2007-6306 introduced regression
Nico Golde
nion at debian.org
Sat Dec 22 14:59:26 UTC 2007
Hi Varun,
* Varun Hiremath <varunhiremath at gmail.com> [2007-12-18 19:02]:
> On Thu, 13 Dec, 2007 at 01:46:58PM +0100, Tomas Hoger wrote:
> > This has been brought to our attention:
> >
> > http://sourceforge.net/tracker/index.php?func=detail&aid=1849333&group_id=15494&atid=115494
> >
> > Upstream author is looking into the issue and expects to release update
> > soon.
>
> The following comment[1] was added by the Upstream author:
>
> | This bug has been fixed in the jfreechart-1.0.x-branch in Subversion,
> | and I'll be releasing version 1.0.9 as soon as possible. The chances
> | of that happening this week are slim, however.
>
> [1]: https://sourceforge.net/tracker/?func=detail&atid=115494&aid=1849333&group_id=15494
>
> I shall update the package once version 1.0.9 is released.
What about updating the current package with the referenced
patches which fix this?
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20071222/c0ba65fb/attachment.pgp
More information about the pkg-java-maintainers
mailing list