-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 10 Jan 2013 11:03:23 +0000 Source: jenkins-winstone Binary: libjenkins-winstone-java libjenkins-winstone-java-doc Architecture: source all Version: 0.9.10-jenkins-37+dfsg-2 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: James Page <james.page@ubuntu.com> Description: libjenkins-winstone-java - Jenkins branch of Winstone servlet container libjenkins-winstone-java-doc - Documentation for libjenkins-winstone-java Closes: 696974 Changes: jenkins-winstone (0.9.10-jenkins-37+dfsg-2) unstable; urgency=high . * Fix HTTP splitting vulnerability (Closes: #696974): - d/p/CVE-2012-6072.patch: Cherry picked fix from upstream VCS which prevents HTTP headers being split into multiple lines. - Fixes: CVE-2012-6072 Checksums-Sha1: 34026550b6638e79e8b1816d3aac8e87c4ce9dad 2460 jenkins-winstone_0.9.10-jenkins-37+dfsg-2.dsc 9ac80fddaea0a5e80f15b915cdbedc02837ca213 69008 jenkins-winstone_0.9.10-jenkins-37+dfsg-2.debian.tar.gz e36678f682358aeec5fa131b95f3644a716998d8 356008 libjenkins-winstone-java_0.9.10-jenkins-37+dfsg-2_all.deb e155a5332a34c2c8074f49beb9cc9f02fa324b09 996072 libjenkins-winstone-java-doc_0.9.10-jenkins-37+dfsg-2_all.deb Checksums-Sha256: e8b2c9b805bd18e5fc177d2988bc095edb79f80df0c19880559bb65116cea040 2460 jenkins-winstone_0.9.10-jenkins-37+dfsg-2.dsc 94d2d6bdbf4c4a94267129d639e24e3395f45ac43ad75ac2e538acf9ab1440f4 69008 jenkins-winstone_0.9.10-jenkins-37+dfsg-2.debian.tar.gz 086e2b237da527ef1aa0ce038416b7a874736e16a71779b8d5ab0ba8d301e3e3 356008 libjenkins-winstone-java_0.9.10-jenkins-37+dfsg-2_all.deb 69c5883444b14013b2fce8c2611d2c0401178380c8a67ea7645d9e961a2aa883 996072 libjenkins-winstone-java-doc_0.9.10-jenkins-37+dfsg-2_all.deb Files: 437d570864d231a9490a924806586ccb 2460 java optional jenkins-winstone_0.9.10-jenkins-37+dfsg-2.dsc 70f00bc42f0fc9a918e906d51c4891f9 69008 java optional jenkins-winstone_0.9.10-jenkins-37+dfsg-2.debian.tar.gz 863a9a3522976fa2fba8e9183ba987bf 356008 java optional libjenkins-winstone-java_0.9.10-jenkins-37+dfsg-2_all.deb 4424a054aed69067c0a0929b8fd7121b 996072 doc optional libjenkins-winstone-java-doc_0.9.10-jenkins-37+dfsg-2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQ7qPCAAoJEL/srsug59jDsH0QAIIw72YflpOjKYkUVQRZz0DD 3eALCsHA75ocwjoER4nbUaCLgr88WQPn8xDcwA4n2PSNWM6/mZpNwylYAj6az3Om Yc8Eq7vW4TkpHqaRs7vbj/Lvx4eHteD4RVp1nQVhiLQUXjjnAtx6Tome13uO4r5F flErW8QMZTBzV3AqmkD90Q5IY91s8zDyCdICnFyWDmYA4wRrjxX3J8K+k/eXAL/p klb/zhQi8Onxu0UDQU9LEQqsbl3/GxlL/ECS/eEO7pGnKRuFBpOfOcCXTZcxME6V jQ9p74NoXNTcXEp8XHBMmM9XFVaYcKHlvW04t4kPKEQSh92s95vtGMbJLcM0l/kv WlqcErrbC2NqZB11/BTiTEhxF/dmxeUiWjesK07ZcjqfsIuMTyKxZmrlyGcv/W0l aBEyqVDmPXI09+fqhTc3l3iP1QdzqjKJLT+hYClmZntv1XSYcOkv7r3OXUV38eLx vFDi+n2oi5aIktMJUDdmGNEsSxQvrye4ZtFAIEb0eQRcXcrSiKX1ksUsoZGmdeAL 0l7t5dmq0d9mj35mp02LOMHqQckQiVLTr1EFjlvJQucczuilqo0AhDTvqa3EWNBk 8s/BwZnT4Kscw7GwQMh64N1wvOlqqu7DYh7n6xFHdYAGfzQ4UOKmj6NcHmh9W7sU dH+xr743hj+gLybeoISe =E2pX -----END PGP SIGNATURE-----
