Bug#741604: libspring-java: Multiple security issues
Miguel Landaeta
nomadium at debian.org
Mon Mar 24 19:46:02 UTC 2014
owner 741604 !
tags 741604 + confirmed
thanks
On Fri, Mar 14, 2014 at 01:24:47PM +0100, Moritz Muehlenhoff wrote:
> Package: libspring-java
> Severity: grave
> Tags: security
> Justification: user security hole
>
> http://www.gopivotal.com/security/cve-2014-0054
> http://www.gopivotal.com/security/cve-2014-1904
>
> I'm not sure whether these are worth a DSA?
Hi Moritz,
I believe a DSA is not necessary for those CVEs.
I'm preparing fixes for sid and stable.
Cheers,
--
Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at
http://db.debian.org/fetchkey.cgi?fingerprint=4CB7FE1E280ECC90F29A597E6E608B637D8967E9
"Faith means not wanting to know what is true." -- Nietzsche
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20140324/0a3e3c7a/attachment.sig>
More information about the pkg-java-maintainers
mailing list