Re: Salvatore Bonaccorso > The following vulnerability was published for libscram-java.
Hi Salvatore, I just uploaded 3.2-1 to unstable with the fix. libpgjava will need a (sourceful) rebuild once that package is installed. A branch with just the fix can be found at https://salsa.debian.org/java-team/libscram-java/-/tree/cve-2025-59432?ref_type=heads (I have no plans yet to upload that anywhere, do you want me to do that?) FYI, while building the fix on apt.postgresql.org I noticed that the current libscram-java does not compile anymore on bullseye and jammy, in case anyone wants to try that. Christoph __ This is the maintainer address of Debian's Java team <https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use [email protected] for discussions and questions.
