-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2022 01:11:06 +0200 Source: bcel Architecture: source Version: 6.5.0-2 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Closes: 1015860 Changes: bcel (6.5.0-2) unstable; urgency=high . * Team upload. * Fix CVE-2022-34169: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. (Closes: #1015860) * Declare compliance with Debian Policy 4.6.1. Checksums-Sha1: 1bafff4f90f313851d2a3bd7707d46bbd626206b 2322 bcel_6.5.0-2.dsc 10bd2035840f0b63fd4b11f7849a5efa953e072a 7312 bcel_6.5.0-2.debian.tar.xz 2a340bd9004c6f5503a58ff1799d074f8e203522 14261 bcel_6.5.0-2_amd64.buildinfo Checksums-Sha256: bbfde2fa4cc4fa80bc01cdd5f582c47996cad38af13ff7c49d9ce1769556a01f 2322 bcel_6.5.0-2.dsc 63cbfd5456497c433e2847fb340f73d6cf3a4cfbcbebfca11498228b4b6250e5 7312 bcel_6.5.0-2.debian.tar.xz 8d5954586409b044e2754b3125acb88c13e1f4f46d08183995d3e2e0033a99b1 14261 bcel_6.5.0-2_amd64.buildinfo Files: 72745ebda82b1d91a7d24581c45fe3e1 2322 java optional bcel_6.5.0-2.dsc 907527ef1754cefe6e684b27c6c0c912 7312 java optional bcel_6.5.0-2.debian.tar.xz b15df4612f628bf390c2e575cc51ff7a 14261 java optional bcel_6.5.0-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmNN4mFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk+SQP/07XqhdnzT2j9sQhzgd2FeBK8T58Dy1i/qTE nhaDY5jeErAW/1/ByzUnV3h8wd34hpyYixhds8IWAZDFsbcvMh+Q8y53STvMB4Ri 4FR1TDNrFSo5MUmYnGgvXwq6lhepVO+wrTNtyjIZWjr7vUJDIuwcKvrJkvotifo6 7icCk/fjCeAbI5Vsrmgum55qYZA4MLckWb0M9oXReGRadx1NbWIWUKQO2nDYAOWS Ysx5350S7zksgZvfMSC5GIf5TrPhz9jsTZ0AZEn0Me98V20kraTxfZ1C1ddDp+QR fle/NP0Weqc59EobXqCTuzvRymtgVhrgSc1m7aYA89NWgV9OtDvewAzRhoWolNZJ qWg5GvvaT0AH++tv8Q0H3chgG5hHVgYzoc9AHzTJzn5vykboEjIFBRvY2l7G5IEn lRMcXTRijkVmTXtxA1ngguItO4Pi/JQ4agKRvqJSfpRR1r9cb7upiyxSF8X1gEIo r8iVAf/UNt5h5Ro/WOWyQSXaXXPqRuTbaBnsmsOx507hI3vMSz1JnmtFqjat912q jTJbpL2mWDLpWIEeqiZSe29XvZVTGlgseK7Q4mD4e4urV+BO15UsqIZ4hW9p6RfL sn9PN2a94OcwcNfhmU56urRWS5lN84ppFCUGRql+MaH3fih413LUTDDh1LaFx5Qx mlQvE7Xc =u3Jz -----END PGP SIGNATURE-----