Bug#653964: glassfish predictable hash collisions
Thijs Kinkhorst
thijs at debian.org
Sun Jan 1 22:53:36 UTC 2012
Package: glassfish
Severity: serious
Tags: security
Hi,
It was reported that Glassfish is affected by the predictable hash collisions
attack that made its rounds around the net this week. This is tracked at
http://security-tracker.debian.org/tracker/CVE-2011-5035
Can you ensure that fixed packages are uploaded to sid as soon as possible,
and assert whether a fix for lenny and squeeze would be necessary?
Cheers,
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20120101/cc37502b/attachment.pgp>
More information about the pkg-java-maintainers
mailing list