Bug#793984: jessie-pu: package groovy/1.8.6-4
Adam D. Barratt
adam at adam-barratt.org.uk
Sat May 21 13:07:11 UTC 2016
Control: tags -1 -moreinfo +pending
On Fri, 2015-09-11 at 18:01 -0300, Miguel Landaeta wrote:
> On Mon, Aug 31, 2015 at 06:56:38PM +0200, Moritz Muehlenhoff wrote:
> >
> > Moving the rdeps to groovy2 seems the better fix to me (#793911).
>
> I agree on that and I believe debian-java is working towards that
> goal.
>
> However, I have not figured yet out how to fix CVE-2015-3253 since
> groovy FTBFS in stretch and sid (#793630).
I see that "groovy" in unstable is now the 2.X codebase, and appears to
include the fix for the CVE.
Flagged for acceptance.
Regards,
Adam
More information about the pkg-java-maintainers
mailing list