-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 06 Feb 2020 17:57:54 +0100
Source: libxmlrpc3-java
Binary: libxmlrpc3-client-java libxmlrpc3-common-java libxmlrpc3-java-doc libxmlrpc3-server-java
Architecture: source all
Version: 3.1.3-9+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libxmlrpc3-client-java - XML-RPC implementation in Java (client side)
 libxmlrpc3-common-java - XML-RPC implementation in Java
 libxmlrpc3-java-doc - XML-RPC implementation in Java (API documentation)
 libxmlrpc3-server-java - XML-RPC implementation in Java (server side)
Closes: 949089
Changes:
 libxmlrpc3-java (3.1.3-9+deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2019-17570: An untrusted deserialization was found in the
     org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache
     XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a
     XML-RPC client causing it to execute arbitrary code.
 .
     Clients that expect to get server-side exceptions need to set the
     enabledForExceptions property to true in order to process serialized
     exception messages.
     (Closes: #949089)