Bug#611138: CVE-2010-4438

Adam D. Barratt adam at adam-barratt.org.uk
Wed Jan 26 21:42:24 UTC 2011

user release.debian.org at packages.debian.org
usertag 611138 + squeeze-can-defer
tag 611138 + squeeze-ignore

On Wed, 2011-01-26 at 22:34 +0100, Moritz Mühlenhoff wrote:
> On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote:
> > So I don't think Debian package is affected by this issue, but we'll have to 
> > wait until Oracle/Glassfish team publish some source code to confirm ths.
> Ok, I've updated the Security Tracker to mark it as not-affected. I wasn't
> aware that the Debian Glassfish package doesn't provide the full stack.

In that case, this sounds like a fix could be deferred until after the
release, if it's required at all; tagging as not a blocker.



More information about the pkg-java-maintainers mailing list