undertow_1.4.25-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sun May 6 22:00:20 BST 2018
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 06 May 2018 21:29:28 +0200
Source: undertow
Binary: libundertow-java libundertow-java-doc
Architecture: source
Version: 1.4.25-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
libundertow-java - flexible performant web server written in Java
libundertow-java-doc - Documentation for Undertow
Closes: 897247
Changes:
undertow (1.4.25-1) unstable; urgency=medium
.
* New upstream version 1.4.25
- Fix CVE-2018-1114: File descriptor leak caused by
JarURLConnection.getLastModified() allows attacker to cause a denial of
service. (Closes: #897247)
- Fix CVE-2017-12196: When using Digest authentication the server does not
ensure that the value of URI in the Authorization header matches the URI
in HTTP request line. This allows the attacker to cause a MITM attack and
access the desired content on the server.
* Declare compliance with Debian Policy 4.1.4.
Checksums-Sha1:
9626fbf640d84557c6a3c952b568e6fc3d071317 2754 undertow_1.4.25-1.dsc
10d9205135f8bfc095ecc95de5676466e141fcca 744588 undertow_1.4.25.orig.tar.xz
f3943ec4f76c1c529f9066d832d0c7035fd8b072 7528 undertow_1.4.25-1.debian.tar.xz
bf49bc5e7223bd9ac520ac867bfed034ecedafa1 17738 undertow_1.4.25-1_amd64.buildinfo
Checksums-Sha256:
facfa86844e8da9544f6e9deee6240493788c75e77f9fda477b6c3d8c0621b4b 2754 undertow_1.4.25-1.dsc
eccabc5973944010a15d2a4ec16a3a948c8cf75496d6da9013c84c1867d55a5d 744588 undertow_1.4.25.orig.tar.xz
650f26f47cb02a3d806fc9ec45257d85ba0ed1a02b4d3c85c05e2b52fbc0ffa0 7528 undertow_1.4.25-1.debian.tar.xz
4ef0e643cbabd5499d84e5d11b46a585e74a1e4688bd3969825170a2cdae1077 17738 undertow_1.4.25-1_amd64.buildinfo
Files:
e670ecf8ab523e51d19d7654fa76bac7 2754 java optional undertow_1.4.25-1.dsc
91b3a5b29190017f7d119ad409690d3d 744588 java optional undertow_1.4.25.orig.tar.xz
ef78fc553059accb288dacceda75edf2 7528 java optional undertow_1.4.25-1.debian.tar.xz
500f45ee38b3fdc6fbf7baf7c07c1c2b 17738 java optional undertow_1.4.25-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrvW2pfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkoYQP/2Bvz84AdDycU11v3r79/odyjY3s4bLHVyq1
/KuuqtNtSxOA0+lHd7h11576hF88FoipwnrPlzvUs7Y4sfezdRSRkFJHKja5kjEW
HpFg/rKBnmnMNsmt+Xd53Omgc8eKP1dxA5sH9525UvzCB3dIN2Q56MGQJkfDzD1J
5ASKdWL2lwehnq05reK/l94s5nc3jGOyfb3aZ88mRyw7KMH4LKI/g+1TB2jFnZcG
L1mS7zGI41nVD026H8mlTbJWmB6YaVeIkOa332juvDzSsJonbn4GyeGP9wK1nQnw
pJbX8OMk3tUlAaCyiyJqmtiC+TNpUb3rGf6RNQpNOHVnri6X+2NpsuNkw5RFB68s
uc+7p/krVoVV6FkyJuGrPGdNR5s6c3ouikRGmD9SQW9CQp+t0e3xpgbuRLHigYQ8
mSoxtMtdD9ReA+M1E6BcjmmWCiUFIIoqh3EEYwgq1oYZRMPo6hvBOEq+hYW3Cq6m
CtY4cvbigorFsHxpm0XBO0ywwwKG9bzFOL2Wb4nnalINplABqaRyPJb8ljJ1A6HH
nRFAvpNoqK3B2dA0efvvza/k/U1PX3L/k0CyIfTBWgRHO8+QrGtTBv1ciphZEHeG
rdlOhe1f0cW129LUggmSP8EzMEd/QzAl/H/Q3/3LKd970OxRDH868HL4hLXqqKb6
fRYdKZtZ
=O3cH
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-java-maintainers
mailing list