Control: tags -1 -moreinfo +pending On Fri, 2015-09-11 at 18:01 -0300, Miguel Landaeta wrote: > On Mon, Aug 31, 2015 at 06:56:38PM +0200, Moritz Muehlenhoff wrote: > > > > Moving the rdeps to groovy2 seems the better fix to me (#793911). > > I agree on that and I believe debian-java is working towards that > goal. > > However, I have not figured yet out how to fix CVE-2015-3253 since > groovy FTBFS in stretch and sid (#793630).
I see that "groovy" in unstable is now the 2.X codebase, and appears to include the fix for the CVE. Flagged for acceptance. Regards, Adam
