Bug#611138: CVE-2010-4438 / CVE-2011-5035

2012-05-13 Thread Damien Raude-Morvan
Hi all, Le dimanche 13 mai 2012 18:54:38, Steve McIntyre a écrit : > >Sadly, no :/ I must admit that Oracle does not publish details of its > >fixes so it's hard to confirm firmly what's component is exactly > >impacted. > > > >I'll try to revive my contact @Oracle to get some feedback on this > >

Bug#611138: CVE-2010-4438

2012-05-13 Thread Steve McIntyre
On Wed, Jan 04, 2012 at 09:12:31PM +0100, Damien Raude-Morvan wrote: >On 01/01/2012 19:47, Julien Cristau wrote: >>Hi, > >Hi Julien, > >>On Wed, Jan 26, 2011 at 19:46:32 +0100, Damien Raude-Morvan wrote: >> >>>So I don't think Debian package is affected by this issue, but we'll have to >>>wait unti

Bug#611138: CVE-2010-4438

2012-01-04 Thread Damien Raude-Morvan
On 01/01/2012 19:47, Julien Cristau wrote: Hi, Hi Julien, On Wed, Jan 26, 2011 at 19:46:32 +0100, Damien Raude-Morvan wrote: So I don't think Debian package is affected by this issue, but we'll have to wait until Oracle/Glassfish team publish some source code to confirm ths. Did that happ

Bug#611138: CVE-2010-4438

2012-01-01 Thread Julien Cristau
Hi, On Wed, Jan 26, 2011 at 19:46:32 +0100, Damien Raude-Morvan wrote: > So I don't think Debian package is affected by this issue, but we'll have to > wait until Oracle/Glassfish team publish some source code to confirm ths. > Did that happen in the last year? Cheers, Julien -- To UNSUBSC

Bug#611138: CVE-2010-4438

2011-01-26 Thread Adam D. Barratt
user release.debian@packages.debian.org usertag 611138 + squeeze-can-defer tag 611138 + squeeze-ignore thanks On Wed, 2011-01-26 at 22:34 +0100, Moritz Mühlenhoff wrote: > On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote: > > So I don't think Debian package is affected by th

Bug#611138: CVE-2010-4438

2011-01-26 Thread Moritz Mühlenhoff
On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote: > Hi, > > Le mardi 25 janvier 2011 23:02:18, Moritz Muehlenhoff a écrit : > > See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438 > > > > Please get in touch with Oracle to check, what "unspecified > > vulnerability"

Bug#611138: CVE-2010-4438

2011-01-26 Thread Damien Raude-Morvan
Hi, Le mardi 25 janvier 2011 23:02:18, Moritz Muehlenhoff a écrit : > See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438 > > Please get in touch with Oracle to check, what "unspecified > vulnerability" they fixed... From CVE abstract : " Sun GlassFish Enterprise Server contains a fl

Bug#611138: CVE-2010-4438

2011-01-25 Thread Moritz Muehlenhoff
Package: glassfish Severity: grave Tags: security See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4438 Please get in touch with Oracle to check, what "unspecified vulnerability" they fixed... Cheers, Moritz -- System Information: Debian Release: 6.0 APT prefers testing A