dom4j_1.6.1+dfsg.3-2+deb9u1_amd64.changes ACCEPTED into proposed-updates->stable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Sep 24 19:49:59 BST 2018


Mapping stretch to stable.
Mapping stable to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 24 Sep 2018 15:03:22 +0200
Source: dom4j
Binary: libdom4j-java libdom4j-java-doc
Architecture: source all
Version: 1.6.1+dfsg.3-2+deb9u1
Distribution: stretch
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
 libdom4j-java - flexible XML framework for Java
 libdom4j-java-doc - documentation for libdom4j-java
Changes:
 dom4j (1.6.1+dfsg.3-2+deb9u1) stretch; urgency=high
 .
   * Team upload.
   * Fix CVE-2018-1000632:
     Mario Areias discovered that dom4j, a XML framework for Java, was
     vulnerable to a XML injection attack. An attacker able to specify
     attributes or elements in the XML document might be able to modify the
     whole XML document.
   * Compile with source/target 1.5 to fix a compilation issue with
     String.format.
   * Add testng to Build-Depends. Build and test AllowedCharsTest to verify that
     CVE-2018-1000632 is correctly addressed.
Checksums-Sha1:
 0f8302acc9d9e96b34d0afab5a76e5c84c3d2fe4 2475 dom4j_1.6.1+dfsg.3-2+deb9u1.dsc
 46aeb0ce4ef3c0fcc801e479679d7917ba5e17bd 12704 dom4j_1.6.1+dfsg.3-2+deb9u1.debian.tar.xz
 a752aeb136fc183dfdd0ee21c801bc067c73bd45 11683 dom4j_1.6.1+dfsg.3-2+deb9u1_amd64.buildinfo
 4b299f3300ecd8d347dd1906dc261dd9db8c830f 301534 libdom4j-java-doc_1.6.1+dfsg.3-2+deb9u1_all.deb
 d065abcaaef2f9298d60c9037415f3e6f74f71c9 348214 libdom4j-java_1.6.1+dfsg.3-2+deb9u1_all.deb
Checksums-Sha256:
 1af3b5555383958472160677ac223a3cbce4117f715c93d627326c74c72a2e54 2475 dom4j_1.6.1+dfsg.3-2+deb9u1.dsc
 daaf96f6001b152bdfc0ae9fc1c4e72967428329177513959ed8a8fed4608d7a 12704 dom4j_1.6.1+dfsg.3-2+deb9u1.debian.tar.xz
 5b948a6f86c8e1ea40a69dbb07e376400c24c48050d587be6ef1abfbb934bd97 11683 dom4j_1.6.1+dfsg.3-2+deb9u1_amd64.buildinfo
 f48da82683223874040a2fa54c6cdd94d3b78b90a92f2d1e41fe6076f86d77fc 301534 libdom4j-java-doc_1.6.1+dfsg.3-2+deb9u1_all.deb
 5c212810670f210d36209f184b03113e7742329ced1c0c3a20b9e8b5bf5ea54b 348214 libdom4j-java_1.6.1+dfsg.3-2+deb9u1_all.deb
Files:
 f6b757a9478ad0c05339fd1142dfe463 2475 java optional dom4j_1.6.1+dfsg.3-2+deb9u1.dsc
 e927baa70c97facd3dc4833fbac020cb 12704 java optional dom4j_1.6.1+dfsg.3-2+deb9u1.debian.tar.xz
 a94ab7e8eb45057cfa48dd355b8833ed 11683 java optional dom4j_1.6.1+dfsg.3-2+deb9u1_amd64.buildinfo
 34bfe53b85f2b7af98e1e8016c69ee04 301534 doc optional libdom4j-java-doc_1.6.1+dfsg.3-2+deb9u1_all.deb
 26464baa0d304b4a17afdf5c4058fe2e 348214 java optional libdom4j-java_1.6.1+dfsg.3-2+deb9u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlupLcJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HknRMP/3TYoJQJBKCyUGR5Mx+Ie9JrW0Dr1amu5Stu
jDLeRdGamcyB/cUXqvg4g0Q5KwYOX+3hwDKlt9xqamHQmNmHRV4IXkfQn1Zi7q4V
U0alR8bQmrrd2+BGGF3j60ACnK+qYeppwOOJdDURfDpOEer3RjzRyCaDpSYBsS0S
aaPwHqGGfVsHYs6xcSQETecJLfMGHrlu8iNDlxy7wJSCvUnTyd57sCMXFCtolI88
OP39C+mESF01Tdi7XjV09igmSAIsho02mb7/qw71Rq8L/AJdlgaI1Cb+PafFcG9Z
2krYpDnDCAfglXNQgdcQLgVHS6BvaY948BEGA5FJBj8WEnnGLwcB3iH8oUb/2aNy
WlCGw90dxemEgndKI2vs0gnJ1TPTD8+cLp3MwPQZCBq/MRPgQuYNN6FqD9dv18la
KArbcHuho22rQDfg2RvtEwPb8HI4FcQHw18vRzXQb1ibPgah46s888ueCz2l031q
g2JMK88PQrnrvpx2K+jbTZu93sSih2Pnv7dgmFhLXIhElQNQ5qMrhShH6qowzHm4
xU9z+uc+t9ZA66o2q/T4LwRUpki7ZJ3hdfxcrMOzg9sv8miGXF5ZiwgpSB3xSivv
Ug0Z0oBpYQJ9mRd+5QUSvcDduFQ00o7a/iG/dFFIehBhqOGoRdEtPLu5bHnOMusC
hSG+U3Jl
=y5jq
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the pkg-java-maintainers mailing list