Debian has JGroups 2.12, this version doesn't use authentication. An attacker can disrupt a node (stopping or slowing it down) but not execute arbitrary code.
Diagnostics are enabled by default. We can simply disable them by default. Emmanuel Bourg -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
