Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted c3p0 0.9.1.2-9+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Thu, 03 Jan 2019 21:47:08 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Dec 2018 18:41:05 +0100
Source: c3p0
Binary: libc3p0-java libc3p0-java-doc
Architecture: source
Version: 0.9.1.2-9+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libc3p0-java - library for JDBC connection pooling
 libc3p0-java-doc - library for JDBC connection pooling (documentation)
Closes: 917257
Changes:
 c3p0 (0.9.1.2-9+deb9u1) stretch; urgency=medium
 .
   * Team upload.
   * Fix CVE-2018-20433.
     A XML External Entity (XXE) vulnerability was discovered in c3p0 that may
     be used to resolve information outside of the intended sphere of control.
     (Closes: #917257)
Checksums-Sha1:
 39b906f751a715d8fb713fb172d1cb3b3fa43198 2302 c3p0_0.9.1.2-9+deb9u1.dsc
 86e0fdd72b33ce00850be592fb14dabd3b88aa32 10584 c3p0_0.9.1.2-9+deb9u1.debian.tar.xz
 df2119acfa75dd5f034ac428f634b83dc28b8f85 11217 c3p0_0.9.1.2-9+deb9u1_amd64.buildinfo
Checksums-Sha256:
 874bb5776cfc31fe8a611924ebe6f8852fdd8b55170c75e31657d5d639dd2410 2302 c3p0_0.9.1.2-9+deb9u1.dsc
 f111efc54b8d161605bead4769c386b018f9644970e5db7c83301d830e1445f6 10584 c3p0_0.9.1.2-9+deb9u1.debian.tar.xz
 035e520fd8947e014a509d3c38a04054728d860ad115f87689351b27e4c16ac3 11217 c3p0_0.9.1.2-9+deb9u1_amd64.buildinfo
Files:
 81090f39665055248031245500a9c9ec 2302 java optional c3p0_0.9.1.2-9+deb9u1.dsc
 990d3c4aef1bf3ecbdfa4080a3869268 10584 java optional c3p0_0.9.1.2-9+deb9u1.debian.tar.xz
 7de1adc5c3b5b00379586a63a01a9e93 11217 java optional c3p0_0.9.1.2-9+deb9u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlwmZxFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk73IP/036gPCn34lHjVcPwm+bqdROORj9uZsG3yHG
9yvxJl/DpcoBGsrPKpVtkMOSYHTTnLKcRUc5klcQ8FcRlCEMqjg9POQXCtHpLJ3l
KjQMb5itnJ18TBRkhas9V4zrKkcKd931ya8jEHPA6Fj2tVMAwIg5bgpy+Pn08Phb
6/DTYN+ioVPxv+Y+/eetIcSS71uWgHU9akWdfUD69kk0TMnQ8p4bA3UPuAw7MO9R
V4qqF/Dk+HXi6c+UFvxLY/ZtfYO9WRcTipR0UxODF1eVG9iQ74HYgxIWmH37Fw36
D67u98JzVEVupB2wyL17pUnb4B4dvGk+scVpq4fFvC87yvvqv7D9dYErK+jdLJgc
pj4N5ph64AogIIgnjjZcoJWepG2uo1qz0VNawbVaOwmVZbfxmU0kZ9cNoh6+y+UQ
ZaLgqszhjz4m0ByPMuxDUDCRPpKxcTvYyOFIvuX6bUmvBxUmDxYAzaAixmSk3TQJ
sG4OxFJJSvhtOCa2CMUfdvc2+nGRoX5tq8+co+NbZ48WPOK/ULNVi+bSJqkSEPuY
T8LghApEJKYqsMKiEnbB3qufaAqRy0T+0EZTtw5VI7wys2rNj5A9jcJ3QDVLmWrQ
z+KNYIuKdka95Ea5bXDO7eeZJuhqQI7L4KFKE5Aw5H0vbOAsaMsv/j92I1+/702r
lGRL2tzI
=/hyF
-----END PGP SIGNATURE-----
News for package c3p0
