Source: jython Version: 2.5.2-1 Severity: important Tags: security upstream
Hi Several issues were mentioned in Red Hat Bugzilla at [0] referencing the issue which creates executables class files with wrong permissions with CVE-2013-2027. At least it seems present in the Debian package that the package writes to /usr/share. In the SuSE bugzilla[1] there are some links to fixes applied in SuSE[2]. Could you please double-check the jython package in Debian? [0] https://bugzilla.redhat.com/show_bug.cgi?id=947949 [1] https://bugzilla.novell.com/show_bug.cgi?id=916224 [2] https://build.opensuse.org/request/show/284056 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
