Bug#741604: libspring-java: Multiple security issues

Miguel Landaeta nomadium at debian.org
Mon Mar 24 19:46:02 UTC 2014

owner 741604 !
tags 741604 + confirmed

On Fri, Mar 14, 2014 at 01:24:47PM +0100, Moritz Muehlenhoff wrote:
> Package: libspring-java
> Severity: grave
> Tags: security
> Justification: user security hole
> http://www.gopivotal.com/security/cve-2014-0054
> http://www.gopivotal.com/security/cve-2014-1904
> I'm not sure whether these are worth a DSA?

Hi Moritz,

I believe a DSA is not necessary for those CVEs.

I'm preparing fixes for sid and stable.


Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at
"Faith means not wanting to know what is true." -- Nietzsche
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20140324/0a3e3c7a/attachment.sig>

More information about the pkg-java-maintainers mailing list