Bug#858914: CVE-2017-5929: serialization vulnerability in SocketServer and ServerSocketReceiver
Markus Koschany
apo at debian.org
Tue Mar 28 15:48:16 UTC 2017
Control: forcemerge 857343 858914
Am 28.03.2017 um 17:38 schrieb Guido Günther:
> Package: logback
> Severity: grave
> Tags: security
>
> Hi,
>
> the following vulnerability was published for logback.
>
> CVE-2017-5929[0]:
> | QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting
> | the SocketServer and ServerSocketReceiver components.
[...]
Hi Guido,
this is a duplicate of #857343 which I am going to fix very soon.
Cheers,
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20170328/069727ad/attachment.sig>
More information about the pkg-java-maintainers
mailing list