bsh_2.0b4-15+deb8u1_amd64.changes ACCEPTED into proposed-updates->stable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Fri Mar 4 16:36:35 UTC 2016


Mapping stable-security to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Mar 2016 15:54:12 +0100
Source: bsh
Binary: bsh libbsh-java bsh-doc bsh-src
Architecture: source all
Version: 2.0b4-15+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
 bsh        - Java scripting environment (BeanShell) Version 2
 bsh-doc    - Documentation for bsh
 bsh-src    - Java scripting environment (BeanShell) Version 2 (source code)
 libbsh-java - Java scripting environment (BeanShell) Version 2 (library)
Changes:
 bsh (2.0b4-15+deb8u1) jessie-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2016-2510.
     An application that includes BeanShell on the classpath may be vulnerable
     if another part of the application uses Java serialization or XStream to
     deserialize data from an untrusted source. A vulnerable application could
     be exploited for remote code execution, including executing arbitrary shell
     commands.
Checksums-Sha1:
 b84817cd31d61889f5a2ee76e9ea888767273c95 2291 bsh_2.0b4-15+deb8u1.dsc
 dc1344119059ea42f3df115b8d06dc7807615c3d 9280 bsh_2.0b4-15+deb8u1.debian.tar.xz
 78f7b39b1775f1e045fc36643408b0f4b9a3deaf 8094 bsh_2.0b4-15+deb8u1_all.deb
 0d313f9f9dfb7d410ed3aa59247818d7db11fbe1 266470 libbsh-java_2.0b4-15+deb8u1_all.deb
 cc26005dc0b7e76a5d76693edaec037d2636dc41 342042 bsh-doc_2.0b4-15+deb8u1_all.deb
 d9c5f9eab164475c8a47e3169027cfe5f224456d 837614 bsh-src_2.0b4-15+deb8u1_all.deb
Checksums-Sha256:
 b1ca7393ecfbb887430740267093cb5159b5299bb9b9582e28b39216507b0dff 2291 bsh_2.0b4-15+deb8u1.dsc
 5b8675c6ae951f24f77e83df9300c98cb4f42d2391c652db0a8f7d574c8d16bc 9280 bsh_2.0b4-15+deb8u1.debian.tar.xz
 42b6e3e57926d6a8acccb58077051b4e0144938a200e97c53b45d467235cb135 8094 bsh_2.0b4-15+deb8u1_all.deb
 72ddef827d11fb5e6d8a39123a4e4027d86b8e5d85ce8289f2bc3c26f09735ef 266470 libbsh-java_2.0b4-15+deb8u1_all.deb
 fcbe805842b885a36008ad89bdc14345799d051939101bdd3c3c6c3850f45044 342042 bsh-doc_2.0b4-15+deb8u1_all.deb
 05eb777ba85efabb19d039be837e81254956ecb7da3cb3eb1f2186d1545d80d1 837614 bsh-src_2.0b4-15+deb8u1_all.deb
Files:
 5a0aaa98bf25d23cb4b7c03bbf74483c 2291 devel optional bsh_2.0b4-15+deb8u1.dsc
 d8f4836a64d26ef3ddcfc6f51bcea57f 9280 devel optional bsh_2.0b4-15+deb8u1.debian.tar.xz
 1d02fe312585dde432bbbbfdaaa0dd1b 8094 devel optional bsh_2.0b4-15+deb8u1_all.deb
 e93eea765b76baac8372cc0a213ca4cf 266470 java optional libbsh-java_2.0b4-15+deb8u1_all.deb
 1c900ebc0a577e45e576236364e319ab 342042 doc optional bsh-doc_2.0b4-15+deb8u1_all.deb
 66f6c5fff9437430ac03763ae284d717 837614 java optional bsh-src_2.0b4-15+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJW1eD2XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkfBAQALiEaDVOopnZmfEG5OZ2HCKQ
LSSPWGUu480ByRnS4JhpYyYNXMV6K04dnoUbTp07MRb0QZH+inGVN9oUGJIcqgqp
gw2gdkBaalIQ0RwiGUTKb43emE3lC/NucCuMIi9Mpo++akABTFGlikShOZ05hOTe
ymW+V9D2qhfVavEfAfTR5ObSeoYDsWzaCcUnsDjwC/Que23+UOMxKDjWAFaY9MR7
m/1Gx+yF3j1YIyz4BxSTUfOYZNk1GgYE1WygkVDtpcc2Q35VM90ZiMKQCKahJv3A
oWrArzoH0LX7gsJO7nosiryksxSCdO7JJvku0T6PGMoYBJ36YP1UfqXJHKsfJDca
M3rGn6QOQnNkLFtTFJ2CXJOvb/lq4ltLn+nAItTueM71KjwnsCMw5prH9VC3BgbC
NxKAESEBGlJqb+mJiopEllvM2B93p7Eo+IlXBlin4hyk0np9PqJl7mLoScmKqPjo
3Q8qN9itIH6kGtSZUJ65G6o9UhDFdeYxBVq7hz4/20wotFwItvRWx9qTORRN1qhz
1ekuJ75pW+LrOF8E4mPRiqwfSYLnj67+IcYa0iQV66rCvmf+AttnSxSgzjv1cK7x
3TxLZ0Ur8WNt/lV3FAA/O7Fb27lFKz7xGSTmqaAEJr7Iix75bgknI7buRmyeq5p5
zzh6lQb/37BBGWMxO8ji
=VeNt
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the pkg-java-maintainers mailing list