On Wed, 9 Mar 2016, 17:09 Markus Koschany, wrote:
>
> Debian's watch file points to
>
> https://svn.apache.org/repos/asf/activemq/tags/
>
> but they apparently stopped tagging new releases some time ago.
>
>
> Hi Markus
I think they switched to git:
https://git-wip-us.apache.org/repos/asf?p=act
On Wed, Mar 9, 2016 at 4:03 PM Markus Koschany wrote:
>
> This issue is fixed in Git but Stephen Nelson wanted to ask upstream for
> some license clarifications. Unfortunately we haven't heard back from
> him since August 2015.
>
> https://lists.debian.org/debian-jav
I can re-create the FTBFS error.
Adding a build dependency on libaether-java resolves that issue but
then the following compilation error occurs:
[ERROR] BUILD FAILURE
[INFO]
[INFO] Compilation failure
/tmp/buildd/maven-depe
I had updated Vuze to 5.3 [1] but there were some outstanding
questions over the copyright of source files. I raised this with
upstream and they took a while to clarify it and I lost the momentum a
bit.
I'd still like to get it back into Debian so I'll import the latest
version and try to get it d
On 26 Nov 2014 10:45, "Raphael Hertzog" wrote:
>
> Hello Stephen,
>
> On Mon, 08 Sep 2014, Stephen Nelson wrote:
> > > For what it's worth, CVE-2014-3578 was assigned to a directory
traversal
> > > vulnerability in libspring-java
> &g
I have built this with the latest Oracle Java 8u20 JVM and the tests still
randomly fail i.e. two out of three builds with Oracle Java 8 were
successful.
Which leads to two possible reasons for the failure:
One of the build deps has been replaced with a later version and is causing
the breakage.
4-3578 was assigned to a directory traversal
> vulnerability in libspring-java
> ( http://www.pivotal.io/security/cve-2014-3578)
>
>
Thanks for letting us know about this one. I've had a quick look and it
might be more difficult to fix given that there hasn't been a specific
commit made in a later version of Spring which could be backported.
However, I will look into this in more detail and report back to the BTS
for this bug.
I think it's no-dsa too, but both can be fixed in a point release.
>
> Regards,
> --
> Yves-Alexis Perez - Debian Security
>
>
>
Cheers,
Stephen Nelson
Please find attached a patch which backports the security fix to the
version of Spring present in Debian Wheezy.
diff --git a/debian/patches/CVE-2014-0225.patch b/debian/patches/CVE-2014-0225.patch
new file mode 100644
index 000..9fe2e7b
--- /dev/null
+++ b/debian/patches/CVE-2014-0225.patch
@@
This part of the build logs is more relevant:
[junit] Tests run: 19, Failures: 1, Errors: 1, Skipped: 1, Time
elapsed: 6.243 sec
[junit] Test
org.apache.commons.math3.optim.nonlinear.scalar.noderiv.BOBYQAOptimizerTest
FAILED
[junit] Tests run: 19, Failures: 1, Errors: 1, Skipped: 1, Time
elap
There appears to be a fix for this in the latest trunk upstream:
http://svn.apache.org/viewvc/openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/sql/HSQLDictionary.java?revision=1496128&view=markup
This fix isn't in any released version of the upstream as of yet. If
you want I'm hap
10 matches
Mail list logo
