Bug#1010670: libgoogle-gson-java: CVE-2022-25647 Deserialization of Untrusted Data via the writeReplace method
tony mancill
tmancill at debian.org
Sat May 14 21:31:59 BST 2022
On Fri, May 06, 2022 at 02:32:26PM +0100, Neil Williams wrote:
> Source: libgoogle-gson-java
> Version: 2.8.8-1
> Severity: important
> Tags: security
Hi Dominik,
Thank you for uploading to old-old-stable [1]. Are you interested in
doing the same for old-stable and stable? (If not, I plan to. I'm
asking only to avoid duplication of effort.)
Regards,
tony
[1] https://tracker.debian.org/news/1324685/accepted-libgoogle-gson-java-24-1deb9u1-source-all-into-oldoldstable/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20220514/4f8ddadf/attachment.sig>
More information about the pkg-java-maintainers
mailing list