shiro_1.3.2-5_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Aug 27 18:34:54 BST 2021
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 27 Aug 2021 13:10:19 -0400
Source: shiro
Architecture: source
Version: 1.3.2-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Roberto C. Sánchez <roberto at debian.org>
Closes: 955018 968753
Changes:
shiro (1.3.2-5) unstable; urgency=medium
.
* Team upload.
* Update patch for Spring Framework 4.3.x build failure.
* Cherry-pick upstream patch with Guice improvements.
* CVE-2020-1957: Fix a path-traversal issue where a specially-crafted request
could cause an authentication bypass. (Closes: #955018)
* CVE-2020-11989: Fix an encoding issue introduced in the handling of the
previous CVE-2020-1957 path-traversal issue which could have also caused an
authentication bypass.
* CVE-2020-13933: Fix an authentication bypass resulting from a specially
crafted HTTP request. (Closes: #968753)
* CVE-2020-17510: Fix an authentication bypass resulting from a specially
crafted HTTP request.
Checksums-Sha1:
480e59dd370ce6d79ea177f51a00f563455962d6 2272 shiro_1.3.2-5.dsc
fcc8b1b28f0f1fd02f2f27e6dbb0a8b58c0dc3ac 20652 shiro_1.3.2-5.debian.tar.xz
da681283559c80260cf6853495b0049fd5313dcc 13566 shiro_1.3.2-5_amd64.buildinfo
Checksums-Sha256:
3dc9863e96e8339b19f286c6f376be0f81d5e7b9a85912ba61f972b468b1169c 2272 shiro_1.3.2-5.dsc
949fd3320047c46b1aac4a1c39a7c053561738c5b10e4633585c0daa06966730 20652 shiro_1.3.2-5.debian.tar.xz
d457edfc1dec67963dc2966f5d0b0f44856e084cfa1847f739dfad3d842602e1 13566 shiro_1.3.2-5_amd64.buildinfo
Files:
61010d12ea9f8ef46464e068d50b4076 2272 java optional shiro_1.3.2-5.dsc
4d756ea1c2391edaba436e5f8f22b9dd 20652 java optional shiro_1.3.2-5.debian.tar.xz
c9d2453f90ae8706bbb57f43f2c9075b 13566 java optional shiro_1.3.2-5_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAmEpHfgACgkQLNd4Xt2n
sg9Z4w//dMz/2YHROdoj53BolUBC3VyEP6tZKFWVUq6LWHaGp4LkkhiLQEskivVV
b5OL4/ztUWVS+jM6HeRUPlsu9ZkqNc5FhysHBZCdNUA9M5alLD6dsVLAIv8o+nmF
oyugyqlSnPFHKu6eojavIFwyp3My+BLHEoyNDwlqtqTv7U2QIiKDdQHTYffXexT9
8zZtgT9TbOefur+xW0peqNfRAi0Fl8mwHVCHDelMp0l9eEdpBqNPTrLZbUsgWPe5
NAKRBdidnk9vrgCoImK5Yvf9e2wox1OU+uyabfGv2tNTomD5Yjvi9okhi12PeUyN
X4xixcu50zK27QC3lbNzxVCpKK4ZLPXooBN9WN7Rz1aXePCdAI0xKnOD/JwSbRMQ
CRS85mkle0NA37zmLJMEKsLM/jKBMMx2575rC/Q6mWdsvhNxV9tL6YOwmu+yfXIq
uUA0TUegH/UGhLXiPcDctSZ7Cbfle5DzKZewjya6yuSxHDoukFVO+urMbFDewypf
4UgLw+4G3tMz7XwvnvDzLMG4xnp8WciG8d6+TzH5qGGuRK1yh545YezE+L4qtVAh
/wAUuubQiVmhX28CPSXPZLqsUjyZeLSl7KNyiqCBeru59O7pCUHGkVtSiOjSL38J
7vAyRwFQM7q0kMwdjxcuPw49/aVd9GEtU7u0F96wR7LSih99RuA=
=c9YY
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-java-maintainers
mailing list