Bug#686867: jruby: CVE-2011-4838

Moritz Muehlenhoff jmm at inutil.org
Thu Sep 6 20:03:58 UTC 2012 

Package: jruby
Severity: grave
Tags: security
Justification: user security hole

Hi,
jruby in Wheezy is still affected by http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4838                                                                                            
http://www.nruns.com/_downloads/advisory28122011.pdf                                                                                                                                        

Since Wheezy already has 1.6.5, updating to 1.6.5.1 seems like a good idea?

Cheers,
        Moritz

More information about the pkg-java-maintainers mailing list