Bug#929283: zookeeper: CVE-2019-0201: information disclosure vulnerability
Moritz Mühlenhoff
jmm at inutil.org
Sun May 26 19:58:29 BST 2019
On Fri, May 24, 2019 at 09:19:00AM +0100, Chris Lamb wrote:
> tags 929283 + patch
> thanks
>
> Hi Moritz,
>
> > > > zookeeper: CVE-2019-0201: information disclosure vulnerability
> > >
> > > Happy to prepare an update for stretch; I plan to do one for jessie
> > > LTS (which, helpfully, has the same version...)
> >
> > Sounds good, we should fix that in Stretch. I've just added the reference
> > to the upstream commit in the 3.4 branch to the Security Tracker.
>
> Thanks. Here is my diff:
Looks fine, but can you please also include the test case upstream added?
Given that it's quite complex to reconstruct the specific affected ZK setup,
we should at least ship/run the test case.
Cheers,
Moritz
More information about the pkg-java-maintainers
mailing list