Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libgoogle-gson-java 2.8.6-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 11 Sep 2022 13:32:34 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed,  7 Sep 2022 11:36:05 CEST
Source: libgoogle-gson-java
Architecture: source
Version: 2.8.6-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 f2bbd34766aa902c78916885df3dfbfa375b3626 2359 libgoogle-gson-java_2.8.6-1+deb11u1.dsc
 c50332e0e1ec84839d9144fa48d5a519709463c3 315804 libgoogle-gson-java_2.8.6.orig.tar.xz
 5438cb416986dfc1fb62d917e3cd2169b2fe4b0f 6184 libgoogle-gson-java_2.8.6-1+deb11u1.debian.tar.xz
 def9a32f0d2553df5dba6847f6bc1bdc7248e372 16502 libgoogle-gson-java_2.8.6-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 5e779c4a6884f0256cae19e7f3d519d8bf8ad7f0af1511c4800dd0873412b004 2359 libgoogle-gson-java_2.8.6-1+deb11u1.dsc
 be2a1b56d110ce617adfe3d70ea359f9631881a3bb744ebe2fbb13c927742c00 315804 libgoogle-gson-java_2.8.6.orig.tar.xz
 efa369e674058522c2dd46318b12d8fbbf094985e445f2a2ff0d1d1cb6cb3e98 6184 libgoogle-gson-java_2.8.6-1+deb11u1.debian.tar.xz
 5767e28948b8902cce2365031f1edba416e61ee4188355ecc68c1786c0a0c15f 16502 libgoogle-gson-java_2.8.6-1+deb11u1_amd64.buildinfo
Changes:
 libgoogle-gson-java (2.8.6-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * CVE-2022-25647: A flaw was found in gson, which is vulnerable to
     Deserialization of Untrusted Data via the writeReplace() method in internal
     classes. This issue may lead to denial of service attacks.
Files:
 de457255632277c644eb2c73ff7b2842 2359 java optional libgoogle-gson-java_2.8.6-1+deb11u1.dsc
 72adc483d01853f43c5c392bf50d285b 315804 java optional libgoogle-gson-java_2.8.6.orig.tar.xz
 05c3c9f6568359a258b10c963946cb01 6184 java optional libgoogle-gson-java_2.8.6-1+deb11u1.debian.tar.xz
 867174b51fff00873f31ec94314f6de7 16502 java optional libgoogle-gson-java_2.8.6-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmMYZhtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk414QAJ4GCld681UziJVpp+ngfGjW2rFjV8DZ7m6l
NVWVBYk603eriJLM3phhUewxJNnMjH+hG346t+1EpaLnwVS9eixeq/35xWNBnIJ9
rxPJ8UM39AyyHKN8Ku3wlsjYArMbFUcDiIR4mczTHjZ7s0iyhAPLquvq3ltWKdvd
PZ/m6b1L+IcOMkTOnrGqTJQ/qlMMdV0AgUlEmuiRVwzGcIthKcenf6WlLRRFGJ5O
K3p6pxHgOZaLvQyLNH60N/PHtLNLbSJtreWp+qAbiAfcfvIIoXhuRWrkVGHdJuq1
Wep1d3tFp5k17l8JksN2DJlGD3cAKj7gdvCMg+6//e0r1ixfObEDVZVgnMJLD8DC
iX1rlh2y3+CDTwCM/gIWnPWLBNibrLlRc5y2+fwm0YdU/AK9mlREXXF5gcSoqrAf
Y7gUs4R2Z18DWgo03rXZLxjwq7c6IGNcql5IzeLLLqSwim2aFAulfT7TE/QLnGnd
WHR/bwAamW2Al2/NYnQ2iytY58DVcPNctDwZXQ4T/2KlfXcyGAboQSNrCdNtH6y3
e2UtIZkJw13GA3up1Q22YGKLXjhBF18wS6ji2xIyVs57+uwFaQjcHfNeZuOE0cr1
dJnRIEONPkpaGIn+j1bcFpfTbi0S3qIB2dgL/FueEIkq/K6ES6ntHyJoWdWK59fd
p8EofWFM
=AB0g
-----END PGP SIGNATURE-----

News for package libgoogle-gson-java