Bug#857343: #857343: logback deserialization vulnerability
Markus Koschany
apo at debian.org
Tue Mar 28 18:06:28 UTC 2017
Am 28.03.2017 um 20:02 schrieb Salvatore Bonaccorso:
> Hi Markus,
>
> On Tue, Mar 28, 2017 at 05:51:38PM +0200, Markus Koschany wrote:
>> Am 28.03.2017 um 10:54 schrieb Salvatore Bonaccorso:
[...]
>> Thank you. I am going to fix this bug in a few minutes. Do you think
>> this bug warrants a DSA or do you prefer that I get in contact with the
>> release team?
>
> So, should be not necessary to release a DSA for it. Can you please
> update logback via an upcoming point release?
Sure, will do.
Markus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20170328/3c0a63bc/attachment.sig>
More information about the pkg-java-maintainers
mailing list