-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 09 Oct 2020 21:51:56 +0200 Source: eclipse-wtp Binary: eclipse-wtp eclipse-wtp-xmltools eclipse-wtp-webtools eclipse-wtp-xsl eclipse-wtp-ws eclipse-wtp-servertools w3c-xsd-xslt Architecture: source Version: 3.6.3-3+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: eclipse-wtp - Eclipse Web Tools Platform eclipse-wtp-servertools - Eclipse WTP server tools eclipse-wtp-webtools - Eclipse HTML, CSS and Javascript tools eclipse-wtp-ws - Eclipse web services tools eclipse-wtp-xmltools - Eclipse XML tools and editors eclipse-wtp-xsl - Eclipse Extensible Stylesheet Language tools w3c-xsd-xslt - XML Schema for W3C EXtensible Stylesheet Language Transformations Changes: eclipse-wtp (3.6.3-3+deb9u1) stretch-security; urgency=high . * Team upload. * Fix CVE-2019-17637: In Eclipse Web Tools Platform, a component of the Eclipse IDE, XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences. Checksums-Sha1: af841805d01ab94c8f8d69d6325920fc3e18b172 3063 eclipse-wtp_3.6.3-3+deb9u1.dsc 5f10e106ab2685c5d0f49474b248b91acb1cfab1 12058848 eclipse-wtp_3.6.3.orig.tar.xz 324891f8f0ee6df60822e4fb0ec688d45bc92dc0 34924 eclipse-wtp_3.6.3-3+deb9u1.debian.tar.xz 1ed55ac4874a937774f13cc20a5ae3c9770e9878 16377 eclipse-wtp_3.6.3-3+deb9u1_amd64.buildinfo Checksums-Sha256: ee354c0f92f07d5e101c4a5706010ae460cc3b1ce679c2bc431eaddd9c5fd34e 3063 eclipse-wtp_3.6.3-3+deb9u1.dsc 38686b6ebefa0a0fe80ff8d8128cacafb15a1c6b454a66e8f28befdbff97e62a 12058848 eclipse-wtp_3.6.3.orig.tar.xz c212f8ccad624d31c66d3e8808f051fe3ca3a3054326609d6ac763a6b6726769 34924 eclipse-wtp_3.6.3-3+deb9u1.debian.tar.xz 565f71aa255112c28f861412be622f991f94f67604ca88a889db063556928acb 16377 eclipse-wtp_3.6.3-3+deb9u1_amd64.buildinfo Files: 7f43206f525c4a84d2e8a2b6df9a9a29 3063 devel optional eclipse-wtp_3.6.3-3+deb9u1.dsc 1628cb008ca6a2d4cda99dfb3bc6c1d3 12058848 devel optional eclipse-wtp_3.6.3.orig.tar.xz 018be0f7b2a4355679148b021b8b3cd7 34924 devel optional eclipse-wtp_3.6.3-3+deb9u1.debian.tar.xz 456536a034e4de8285cf3ffc2496ef0c 16377 devel optional eclipse-wtp_3.6.3-3+deb9u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl+A4o9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HklksP/1viM/mzXGQRXHAJtpu6LLze+RyuhVggeS8r 3/RFujk1BQ0DzpleHDY8uV4MJiaxVYWldTetnKOewH9gjCHjPP5QF3hzDRO+wxkn SSmeKHPb3w57g6vDyYbQxvOHQATayXz31p7y6KiiQ61PRSPEFzhA/EG+0NwVwhOm 0jtcanXuH7TAfo3SKdwjBJ3dJr6S/bvAGZ7PIE+L42Yr3UkpVMpfS98qzrLeV6YQ FVjZ4jt7EdW2lEME1gNBpaqF2YGd9aWNoL3vu7EEQhyrLzhbl+ngbAs6Zzy/r90G GCxww6uoqHtPAWGn2/mzKiSNFa51whgtHsyVGlDH8qe4/tch2aqtA0zVDfRyXvjd /nJpr7q+nxiHgm+zxxwk2aUgMKro8RX9guAgPM0U+/pe+sQIBIp7nNgiUJx/9nZD +8s9xVtzjmG0j902XBEpFtEUXSmf0j1pUPtJQ0vYVw2ve63C6HI5pXLW+AQH6U6l P4Sp4eM3vhjmFTZ6Tvbz/YxCwbFPNlgkclrj+uY3VFGL/HmS6bOMZji+8pcwvxgE q2S1jkl0RD2CxfMKw+QagF/DeM/xIeAdH4KK7hKq9TOFTYQcDwE+i8j23nB8kjFv +9Sxalg9LFAxzs0LkGplpDP8NvUGmQW+aE10Gi29AHcF1VhV5BeFZPf8f0v8UDjL oGppMr2t =M9dr -----END PGP SIGNATURE-----
