Bug#674448: CVE-2012-2098

2012-08-18 Thread Adam D. Barratt
On Sat, 2012-08-18 at 11:15 +, Jonathan Wiltshire wrote: > Package: libcommons-compress-java > > Dear maintainer, > > Recently you fixed one or more security problems and as a result you closed > this bug. These problems were not serious enough for a Debian Security > Advisory, so they are no

Bug#674448: CVE-2012-2098

2012-08-18 Thread Jonathan Wiltshire
Package: libcommons-compress-java Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: s

Bug#674448: CVE-2012-2098

2012-07-18 Thread Nico Golde
Hi, * Miguel Landaeta [2012-07-18 17:02]: > On Thu, May 24, 2012 at 08:13:35PM +0200, Moritz Muehlenhoff wrote: > > Please see https://commons.apache.org/compress/security.html > > > > Fixed in 1.4.1. This doesn't warrant a DSA, but you could fix > > it through a point update for Squeeze 6.0.6. >

Bug#674448: CVE-2012-2098

2012-07-18 Thread Miguel Landaeta
On Thu, May 24, 2012 at 08:13:35PM +0200, Moritz Muehlenhoff wrote: > Package: libcommons-compress-java > Version: 1.2-1 > Severity: grave > Tags: security > > Please see https://commons.apache.org/compress/security.html > > Fixed in 1.4.1. This doesn't warrant a DSA, but you could fix > it throu

Bug#674448: CVE-2012-2098

2012-06-21 Thread Miguel Landaeta
On Thu, Jun 21, 2012 at 12:12 AM, tony mancill wrote: > How would the point update work for Squeeze given that there is a new > build dependency that needs to be added to Squeeze as well?  Once we > have approval, can we simply upload both the new package and the updated > libcommons-compress-java

Bug#674448: CVE-2012-2098

2012-06-20 Thread tony mancill
On 06/17/2012 04:11 PM, Miguel Landaeta wrote: > tags 674448 + pending > thanks > > On Thu, May 24, 2012 at 08:13:35PM +0200, Moritz Muehlenhoff wrote: >> Package: libcommons-compress-java >> Version: 1.2-1 >> Severity: grave >> Tags: security >> >> Please see https://commons.apache.org/compress/s

Bug#674448: CVE-2012-2098

2012-06-17 Thread Miguel Landaeta
tags 674448 + pending thanks On Thu, May 24, 2012 at 08:13:35PM +0200, Moritz Muehlenhoff wrote: > Package: libcommons-compress-java > Version: 1.2-1 > Severity: grave > Tags: security > > Please see https://commons.apache.org/compress/security.html > > Fixed in 1.4.1. This doesn't warrant a DSA

Bug#674448: CVE-2012-2098

2012-05-24 Thread Moritz Muehlenhoff
Package: libcommons-compress-java Version: 1.2-1 Severity: grave Tags: security Please see https://commons.apache.org/compress/security.html Fixed in 1.4.1. This doesn't warrant a DSA, but you could fix it through a point update for Squeeze 6.0.6. Cheers, Moritz -- To UNSUBSCRIBE, em