Debian Package Tracker

From: Emmanuel Bourg <ebourg@apache.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted icedtea-web 1.8.3-1 (source) into unstable
Date: Fri, 09 Aug 2019 17:19:28 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 09 Aug 2019 18:57:41 +0200
Source: icedtea-web
Architecture: source
Version: 1.8.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebourg@apache.org>
Closes: 934319
Changes:
 icedtea-web (1.8.3-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream release (Closes: #934319)
     - Fixes CVE-2019-10181: Unsigned code injection in a signed JAR file
     - Fixes CVE-2019-10182: Path traversal while processing <jar/> elements
       of JNLP files results in arbitrary file overwrite
     - Fixes CVE-2019-10185: Directory traversal in the nested jar
       auto-extraction leading to arbitrary file overwrite
Checksums-Sha1:
 6bb5c55cf5f0ca5e0fddea3f315922b78b7381ef 2050 icedtea-web_1.8.3-1.dsc
 4836c96c23651a41e87dd1652188c90f1a83c26d 1805036 icedtea-web_1.8.3.orig.tar.xz
 3996749ac40316775fa4e9fc8470845c72e7eada 25624 icedtea-web_1.8.3-1.debian.tar.xz
 d230531a92e3825501775563e7c61b17a861c987 8340 icedtea-web_1.8.3-1_source.buildinfo
Checksums-Sha256:
 d7defb42015373ede092f2b43224a86c239d61aba5e799c908a19b725918e702 2050 icedtea-web_1.8.3-1.dsc
 0acc12aef7cf0dbdd194fee57cdbe8cf81796bdea1ea5af75fe8f8933c9530e4 1805036 icedtea-web_1.8.3.orig.tar.xz
 8e453a944afd6e60246251cd3be441d57ba9ee3aca95a3aaaa8aab46469518ab 25624 icedtea-web_1.8.3-1.debian.tar.xz
 fc21f130e4727e7c5f84044d5687be1ebd96923143dd61471636937133002ec9 8340 icedtea-web_1.8.3-1_source.buildinfo
Files:
 14e6b6402c00577521bc4b8686dca1cb 2050 java optional icedtea-web_1.8.3-1.dsc
 3b48f889e21b08daa6c259b6c8f04467 1805036 java optional icedtea-web_1.8.3.orig.tar.xz
 5b83673e92537251f4d32c7bc3747290 25624 java optional icedtea-web_1.8.3-1.debian.tar.xz
 33e5d250df85911ed817d429b9f30244 8340 java optional icedtea-web_1.8.3-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAl1Np1kSHGVib3VyZ0Bh
cGFjaGUub3JnAAoJEPUTxBnkudCsegMP/2B5T+84ouFHSN+kgctt2COVit9WOX+E
LlEuNJXNjKD1CYemycRk7IcnEmLHUu3KUOpEAuy/tiCydj7yfipEv2PsUHo84Zeg
NmmyfV6s7QoQe+2hWMfanGBYxtZLEA3kBQYAf3YCqq64RRmQW3VO4otw0MKkC8mp
+PcGZv7NamWpLKIFYwB7okX+908m21KEuhbVxKfOD1FkmCAY7e06jrPBkw9h0q2n
samJM0PJxFvmEitEuu1s/O7EtqS01+Its8OT8+9yFjdklAP/lCJRmAWlVu4f8pNR
OgJKi99bztMzbi5tOIvqSLiHtwFmmIm/yN6DLfB98HTSPd+nxLdhr4pt3P38Y2iy
n097o5ROvRYlfIcNqne0LgkuDwF3XGV64Z8tTp50HRjQBfqhlJIqNF8miGn50q3T
hcCTjtC0KYLwMD04HbjvMmFiL+VIfCbp6BSjL+pETogjEP3hRI5jBDhr6tkxEfi2
RT4JqNOFATS6OIuz9zqs1pRWnC0vr1V2dBKq2rde2Lq1Yv4i2NKioBcV3JFmhCj3
xgiysr6nzsE7HEs+rd2T4FZP9JPfPNucFunS/2YAWtFA5txTZM8WcpfdDoZ8RDiI
UHbO2ryGXK57yDrOdpixISbvSPg3L0Vjr7EqjL5UaxvJHIRJyDNGDxZhcSqXNdWA
UFERD68cC1TC
=b0eP
-----END PGP SIGNATURE-----
News for package icedtea-web
