Bug#860566: fixed in batik 1.9-1
Moritz Muehlenhoff
jmm at debian.org
Sun Oct 1 09:37:24 UTC 2017
On Mon, Sep 04, 2017 at 06:19:28AM +0000, Christopher Hoskin wrote:
> Changes:
> batik (1.9-1) unstable; urgency=medium
[..]
> * New upstream (1.9)
> + Fix "CVE-2017-5662: information disclosure vulnerability" Upstream claim
> BATIK-1139 is fixed in 1.9 (Closes: #860566)
Hi,
this doesn't warrant a DSA, but there's still the possibility to fix this via a
stable point update [1], so I was wondering whether anything of that sort is planned by
you.
Cheers,
Moritz
[1] https://www.debian.org/doc/manuals/developers-reference/ch05.html#upload-stable
More information about the pkg-java-maintainers
mailing list