Bug#1025910: libcommons-net-java: CVE-2021-37533
Markus Koschany
apo at debian.org
Tue Dec 27 18:55:52 GMT 2022
Hello tony,
Am Dienstag, dem 27.12.2022 um 08:40 -0800 schrieb tony mancill:
> On Sun, Dec 11, 2022 at 09:02:16PM +0100, Salvatore Bonaccorso wrote:
> > Source: libcommons-net-java
> > Version: 3.6-1
> > Severity: important
> > Tags: security upstream
> > Forwarded: https://issues.apache.org/jira/browse/NET-711
> > X-Debbugs-Cc: carnil at debian.org, Debian Security Team
> > <team at security.debian.org>
>
> I see that there has been an upload of 3.9.0 on 2022-12-26.
>
> I'm just noting here that I prepared a 3.9.0 package locally but hadn't
> uploaded it yet because several of the build r-deps failed to compile.
> (Maybe I was just doing it wrong, but we may see some FTBFS.)
I noticed two FTBFS of wagon and nrepl-clojure. Both of them seemed unrelated
to me. I guess they will be fixed eventually. Everything else built fine. Sorry
for the double work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20221227/77abfa48/attachment.sig>
More information about the pkg-java-maintainers
mailing list