-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 04 Oct 2023 15:02:45 +0200 Source: openrefine Architecture: source Version: 3.6.2-2+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Changes: openrefine (3.6.2-2+deb12u2) bookworm; urgency=medium . * Fix CVE-2023-41887 and CVE-2023-41886: OpenRefine is a powerful free, open source tool for working with messy data. Prior to this version, a remote code execution vulnerability allows any unauthenticated user to execute code on the server. Checksums-Sha1: f82c9b4a08cec2366d2451fb24e57df1e66364a3 3614 openrefine_3.6.2-2+deb12u2.dsc 1094920fd88dc12cf36183ad7c7ea653067d9c8d 311076 openrefine_3.6.2-2+deb12u2.debian.tar.xz bff894f35d49f1fe10846ee9345d7c2632fa1177 18286 openrefine_3.6.2-2+deb12u2_amd64.buildinfo Checksums-Sha256: 8c119bcb688b2aa46eb150dd8e93034eb0e97d900fb6d916423f1be2aa2a9c2d 3614 openrefine_3.6.2-2+deb12u2.dsc 78e968ccce093112c60a1cf7dc36de050b89961ffdf1dd5062b303503ebdebcb 311076 openrefine_3.6.2-2+deb12u2.debian.tar.xz 5ba2cade4375eebefde0268123c76c10b977ea2f04432835ef58bdeca5efaaee 18286 openrefine_3.6.2-2+deb12u2_amd64.buildinfo Files: 91a4412487c662d862b26a14aca7e12c 3614 java optional openrefine_3.6.2-2+deb12u2.dsc 1db1c584c2f8499478f8591dd08b04b2 311076 java optional openrefine_3.6.2-2+deb12u2.debian.tar.xz 2469dae4a07be9fa93e611e9d6da7aee 18286 java optional openrefine_3.6.2-2+deb12u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUdaR9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hks5UP/jEocSraq21y5ano1QZzin/TAqk7cv4BI1ES bTTUXryowx1fwh1RLV1uGnUqrRxlY3GezoDHo40/I3maYvNODDbkPNwjtanE7Dwy WfjlZb4zqUmByaZNO6BijxVv0Z/ycon55z7T6KNV4I+qcDgncNWjbx5KIQS8y3tM GggEmyi2Ikjrh9s0rRoTIBHRot/wZ1V/tl/cH9379odhE9f0rsqyWGPrEclyZn2q u+73w32SRDUOosk2Qgf76qBRXU4b3C+eVE23HECvmWq12wiW/5ZkrYEUVsJanbnS PPGs79IiirquDbxAVnHZBPK2UPoEUU78dWi0nfIBquQDj8i5h7xNqXPzKnIkU9Os iCh/C5qr3yNxyxyc5wbh1Ygcnj85Dbi9ZjsTr5gPz+0HxRKIjgeghaRDMminrUEZ KybeD6cZghOCXsAcVJHtlXMp/kHvecdNwHVwNS/LxJFjeR4ghi+A6/z8FMifUDUz bSyvUp1uJOaD+r1P9a9tQsnkXoI2AQFu/nBdEd0RZ/72d3eIMDjokM7QliVVUsKZ bPwmxxI+0pev5om6lBNO+PX9KPmL1ayMv+Qti6WeMaRBpjzWUzDNZ7qYrippXf4v rEvXrIqm1k1ru3kx1eWuhRiSHk2bDHN68g6Dh+klNMIA3A9l6f/nULVEfEWh3gVn /1XFk3tb =+gLW -----END PGP SIGNATURE-----