commons-httpclient_3.1-11_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Apr 13 17:05:26 UTC 2015
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 23 Mar 2015 22:57:54 +0100
Source: commons-httpclient
Binary: libcommons-httpclient-java libcommons-httpclient-java-doc
Architecture: source all
Version: 3.1-11
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at gambaru.de>
Description:
libcommons-httpclient-java - A Java(TM) library for creating HTTP clients
libcommons-httpclient-java-doc - Documentation for libcommons-httpclient-java
Closes: 758086
Changes:
commons-httpclient (3.1-11) unstable; urgency=high
.
* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
It was found that the fix for CVE-2012-6153 was incomplete: the code added
to check that the server hostname matches the domain name in a subject's
Common Name (CN) field in X.509 certificates was flawed. A
man-in-the-middle attacker could use this flaw to spoof an SSL server using
a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
intended to address the incomplete patch for CVE-2012-5783. The issue is
now completely resolved by applying this patch and the
06_fix_CVE-2012-5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
commons-httpclient will not compile with this patch.
Checksums-Sha1:
6813d403d1100210a3adc632a8e7dcff477c4d61 2028 commons-httpclient_3.1-11.dsc
15202a3ff56c0f5336ce35ba95f6b07d293d89ad 12444 commons-httpclient_3.1-11.debian.tar.xz
95e5b8d3ac5bb3f5ff7b1affebbb984bfb23f68f 302008 libcommons-httpclient-java_3.1-11_all.deb
bc3bbb89be84880a18be2716d6abd7ee39a18b03 766086 libcommons-httpclient-java-doc_3.1-11_all.deb
Checksums-Sha256:
81b0cbe1b1804c5c43cac7d089ba9ca65fe971ef3015602c8c790193a87eb3a6 2028 commons-httpclient_3.1-11.dsc
51feecd75226900f90e52eaa2b3660579b0e734740ef07cffb8f1a6c3db9aaeb 12444 commons-httpclient_3.1-11.debian.tar.xz
e7ccb4f5e34d6750a07da64ca86a73ec9bd81b47eaea4815bed694b4e6e4f521 302008 libcommons-httpclient-java_3.1-11_all.deb
74a38afa380426fd5c626751d95779dd6ccc36bb3705489a36759606e71bd3a4 766086 libcommons-httpclient-java-doc_3.1-11_all.deb
Files:
2793d3bf04df3bf4b6d8bd11dd0db543 2028 java optional commons-httpclient_3.1-11.dsc
18ce71adc3c0c83fa1555d8eb426b3f3 12444 java optional commons-httpclient_3.1-11.debian.tar.xz
3291b34ed300ca218163ec3807c1d181 302008 java optional libcommons-httpclient-java_3.1-11_all.deb
7d6a72907b03943d5ff2d889dc388995 766086 doc optional libcommons-httpclient-java-doc_3.1-11_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJVK+2eAAoJEFb2GnlAHawEkQMH/AwsHevlwJXk1AhDJriltKMT
jzC4Jz0iXo1Rccb7+vvCwW6Uk8VLRDEAC2bVGiHOT5CoE/Nkr2j6I6YyZDniPDc3
RC8c/QC0oY0NHrH7fAxm25HLNLVfRGWUz7/TdS2ceUruP3/08Baa4PlvaYZb/+01
r+aw3eP/us8V92nftahoa4kl+/mo8/utT7oCNcc16Zhd57/5CQ+AV+bIDeLcAE16
vgxbIatV74qZBEhmBQDqvKya/DS2xGaWILozmQw+/T9IPZTI010aHlz9/YWQdlaA
AkwWyvyWYT7ZmmZ8Xl2/sKjvVdqNQsxmx0nBvJzOHoLTy8iNFwd8cCtUzNHEf44=
=c2Gn
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-java-maintainers
mailing list