Thank you for your upload.
But i think that the issue is not completely solved, upstream made it in
several commits (https://github.com/qos-ch/logback/commits/v_1.2.0).
The comment is not meaningful but this one is related to the
vulnerability :
https://github.com/qos-ch/logback/commit/979b042cb1f0b4c1e5869ccc8912e68c39f769f9
Fabrice Dagorn
Le 28/03/2017 à 18:09, Debian Bug Tracking System a écrit :
This is an automatic notification regarding your Bug report
which was filed against the liblogback-java package:
#857343: logback: CVE-2017-5929: serialization vulnerability affecting the
SocketServer and ServerSocketReceiver components
It has been closed by Markus Koschany <a...@debian.org>.
Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Markus Koschany
<a...@debian.org> by
replying to this email.
