Bug#762462: glassfish: Current version no longer supported upstream
Raphaël Hertzog
hertzog at debian.org
Mon Sep 22 15:38:52 UTC 2014
Source: glassfish
Version: 1:2.1.1-b31g+dfsg1-1
Severity: serious
Tags: security
Hello,
while looking up open security issues in glassfish I noticed that the
current version is no longer supported upstream (according to
http://www.oracle.com/us/support/library/lifetime-support-middleware-069163.pdf).
You already have open security issues that nobody knows how to fix so
it's clearly not acceptable to release this version in jessie:
https://security-tracker.debian.org/tracker/source-package/glassfish
Please consider packaging version 4.x which seems to be mentionned
on the upstream homepage:
https://glassfish.java.net/download.html
Regards,
-- System Information:
Debian Release: jessie/sid
APT prefers squeeze-lts
APT policy: (500, 'squeeze-lts'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the pkg-java-maintainers
mailing list