Bug#816357: jedit: FTBFS: XThis.java:128: error: cannot find symbol [..] NotSerializableException

tony mancill tmancill at debian.org
Fri Mar 4 13:40:19 UTC 2016 

On 03/04/2016 12:24 AM, Markus Koschany wrote:
> On Thu, 03. Mar 22:30 tony mancill <tmancill at debian.org> wrote:
>>> diff -Nru bsh-2.0b4/debian/patches/CVE-2016-2510.patch bsh-2.0b4/debian/patches/CVE-2016-2510.patch
>>> --- bsh-2.0b4/debian/patches/CVE-2016-2510.patch	2016-03-02 20:24:07.000000000 -0800
>>> +++ bsh-2.0b4/debian/patches/CVE-2016-2510.patch	2016-03-03 22:10:57.000000000 -0800
>>> @@ -35,8 +35,8 @@
>>>  -	class Handler implements InvocationHandler, java.io.Serializable
>>>  +	class Handler implements InvocationHandler
>>>   	{
>>> -+		private Object readResolve() throws ObjectStreamException {
>>> -+			throw new NotSerializableException();
>>> ++		private Object readResolve() throws java.io.ObjectStreamException {
>>> ++			throw new java.io.NotSerializableException();
>>>  +		}
>>>  +
>>
>> So, if you're okay with the patch, could you apply it and upload an
>> updated bsh?  Or do you mind if I do?
> 
> Hi tony,
> 
> I can upload a new revision of bsh with this change later. I'm just wondering
> why we need to use java.io.ObjectStreamException and
> java.io.NotSerializableException explicitly because these classes are already
> imported in bsh's XThis.java.
> 
> import java.io.*;
> 
> Anyway it doesn't change the intention of the patch and should be safe.

Hi Markus,

I ask myself that same question, and intend to look it up.  Perhaps
because it's a nested inner class of XThis?

But one of the clues was that the original code specified the full class
name for java.io.Serializable and not just Serializable.

I agree that it shouldn't affect the intention of patch and should be
safe, but it is a bit puzzling.

Thank you,
tony

P.S.  I'm leaving you on the cc: because my MX is having some issues
with bugs.debian.org at the moment.  Sorry if you get duplicates.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20160304/bc2a53d7/attachment.sig>

More information about the pkg-java-maintainers mailing list