Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To:
Subject: Accepted libjettison-java 1.5.3-1~deb11u1 (source) into stable-security
Date: Tue, 10 Jan 2023 23:03:14 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Jan 2023 22:27:48 CET
Source: libjettison-java
Architecture: source
Version: 1.5.3-1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 25d792a40a67f9e00c9cabd288b068ec9fb49b4a 2275 libjettison-java_1.5.3-1~deb11u1.dsc
 9414de8202a3c08bd27c06dae5f7b24050b974ad 3004 libjettison-java_1.5.3-1~deb11u1.debian.tar.xz
 9f8290ce97ede485dfb958e1c6c50519c105357b 14030 libjettison-java_1.5.3-1~deb11u1_amd64.buildinfo
Checksums-Sha256:
 ced0fbd0d3afe8083a4df885e9f8be3388813ff36d669c86ff40aa94d213207d 2275 libjettison-java_1.5.3-1~deb11u1.dsc
 1b828c839eefdf86d33ff5aaaab49c4c463e115e4883f5963c18a390edb7a687 3004 libjettison-java_1.5.3-1~deb11u1.debian.tar.xz
 53a605644b24843463476fb30ee0e92032c1c61ebfc4653f8ad82bc7f05e4b2e 14030 libjettison-java_1.5.3-1~deb11u1_amd64.buildinfo
Changes:
 libjettison-java (1.5.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2022-40150, CVE-2022-45685, CVE-2022-45693:
     denial of service via stack overflow / out of memory
Files:
 cf4f29ab957144aa2a00081d4ddeb480 2275 java optional libjettison-java_1.5.3-1~deb11u1.dsc
 c85f0f3de829bab9b54fe41afde7ac4b 3004 java optional libjettison-java_1.5.3-1~deb11u1.debian.tar.xz
 0f1adf1c1e290621a568a0db7680f1f4 14030 java optional libjettison-java_1.5.3-1~deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmO92FdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkbeoP+wSqtTc7ymNgTRiZ5VDrw5+95wF9WbsDDGvU
okpzMwJuZusXi13PDHECUdBDjTfjpvlY1RmbQmOsV+njBqhNuGSkE4iPWT5Isz2B
IT0Yl53vtQBcVnmWKcAOvhfcPB4Zdk+t100JiwqiY1mUxFUHfq1Yat0rK8UscK4f
e8e2T2ZX6W8Wqr3h2X2iMnkQB0EOco7edGV1aM/NsAMiFVLwzpsm7keAW8WCJVH1
it1/04IwP1pBT6+nq/8osFmrsGq8QRBm9g941RQQpOWdL/7jGnLl23jhPSXw/VZf
qmUCogItcbwyK03TOI3gtSPlXFoeIdzgYVAyVcgnwpv9RL3TA9puzYVf78wEqHNO
oxbHmEYmanvAeU5RUVsllIR/7s4lXeNEdh+VT4Ie09sRKeGwsumVQQ/v2Zd1nWOb
51+TVORiLSRErfiUlrIbo2qB/JVvfUecWlpJdKsbzTIEeQ9XUtlgrTmghfEkcQXC
SI0OJIHrCPIwq6Qe5EWZwHd705m6raefoqLvaAyGNIjprJerx1/DiR64eqW/n1Rv
rGDdch5v5tDkTDAI0wBR6H1FvAMwxyqDEjp+UAK+U1w+12OoFrDxo856Hnl5ZOEP
gjaNdlLs6Wjqd/qtrXl/+9w1WSNkXrBcoVricMZAnMHLOMpElAavc+v9mL4ZHRgR
P9CFCMrv
=MdIc
-----END PGP SIGNATURE-----

News for package libjettison-java