shiro_1.3.2-4+deb10u1_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Aug 27 18:34:48 BST 2021
Mapping buster to oldstable.
Mapping oldstable to oldstable-proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 06 Aug 2021 14:25:38 -0400
Source: shiro
Architecture: source
Version: 1.3.2-4+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Roberto C. Sánchez <roberto at debian.org>
Closes: 955018 968753
Changes:
shiro (1.3.2-4+deb10u1) buster; urgency=medium
.
* Non-maintainer upload by the Security Team.
* Update patch for Spring Framework 4.3.x build failure.
* Cherry-pick upstream patch with Guice improvements.
* CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request
could cause an authentication bypass. (Closes: #955018)
* CVE-2020-11989: Fix an encoding issue introduced in the handling of the
previous CVE-2020-1957 path-traversal issue which could have also caused an
authentication bypass.
* CVE-2020-13933: Fix an authentication bypass resulting from a specially
crafted HTTP request. (Closes: #968753)
* CVE-2020-17510: Fix an authentication bypass resulting from a specially
crafted HTTP request.
Checksums-Sha1:
aea576219d745e70fe83c3eea21f1dedee1698bf 2304 shiro_1.3.2-4+deb10u1.dsc
16e6971d0a4e49be931ef1be48cb23ed155ccc7e 478884 shiro_1.3.2.orig.tar.xz
50bacdf2fb50436b95ad322cd9da0bf110e580ae 20680 shiro_1.3.2-4+deb10u1.debian.tar.xz
b348700ae362290e263b79b7588029bfc64a6a49 13532 shiro_1.3.2-4+deb10u1_amd64.buildinfo
Checksums-Sha256:
ff5700a8d7a8237cd9705c68b339029b4edc4a4907c73d0ed400089a37c4ed92 2304 shiro_1.3.2-4+deb10u1.dsc
ae9a3f73a64c05148de9a6c3c09852d3909add94776d47032ec8ff8befed8c5e 478884 shiro_1.3.2.orig.tar.xz
3c14726dbeecab004f5d3308b02844642b5908a445f237e2416d97bc36ca7ecc 20680 shiro_1.3.2-4+deb10u1.debian.tar.xz
3503a81b0e9b5406cf5223f57c95b0e509cefcdce6a844bbb9e66ed7af5875cd 13532 shiro_1.3.2-4+deb10u1_amd64.buildinfo
Files:
74d5b1ccc71ad1c679a74aefb75cff3e 2304 java optional shiro_1.3.2-4+deb10u1.dsc
030b2d8ebce394a581ce1a5248a21e0e 478884 java optional shiro_1.3.2.orig.tar.xz
89cb9f83982a74ef9bc9b88b2e459ce8 20680 java optional shiro_1.3.2-4+deb10u1.debian.tar.xz
71129cbb116c53ffd11c26b858235b01 13532 java optional shiro_1.3.2-4+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAmEpHfYACgkQLNd4Xt2n
sg+mMQ/+K0ooMRzDngCSmKbc/G2F8Amlkrl1BJMUUR+EiDSB27D5KkYUruXPBKVt
rB9nHec+EmAzAGNtCnzB6tmLqVJtAmPR+hRU6KZhopd/Jx5LPSKhujiivmBupLnK
T/H5gdLM7OUS+f+Tv4VoQ5qiCMJqOFKXIqNEEwSKrdYQzD6U+YST20pwvGIX7zqp
xdLeV1P83jVJp8rIUV5Wvn54hSXUkjZNjDfCqMeKzcn1W/e/aXJOrfXub2YE/qc+
Gj/5I+Z+43aWRf9ipr1GuRgI7AnbWI62xes8jJeswVX2Ex7z3CI1cCS2L1seP6bF
YAYXdoDl5ppEcWov78tjfdinOPgPfibT6RR5V8zAAS3GVca6ILVf5jjfl3CNPp87
Ln9dz0D46Ym4GqXRwOd4RPWJrZ6wqBEK6tsEjCu39XN5oeAUGG5eymdO1xj4Kgfq
dY82VRDmr+aPjQMhF1iTyoMUXp/evE8elnCbigcMO8ORSvDpNgMXDARXfDQclIws
yjxc8gm/Ypolfz1ZKWSnYDj4FV/CCZi3aPCYqbENSWWiWD7MbrUAqy7PrJcamq4f
LifA7bwkAJqXL2PqkXDx5RThr2F9Rr/lYnkMmE5qVhJncCriXII4tMGK5906/yoc
N+K2IDPxhexDA7Bx0WQCNT1cKJZjFrAWZ6dKhb5W48qdiYa3ffI=
=T03U
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-java-maintainers
mailing list