-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 15 Nov 2013 15:04:17 +0100 Source: libcommons-fileupload-java Binary: libcommons-fileupload-java libcommons-fileupload-java-doc Architecture: source all Version: 1.3-2.1 Distribution: unstable Urgency: low Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libcommons-fileupload-java - File upload capability to your servlets and web applications libcommons-fileupload-java-doc - Javadoc API documentation for Commons FileUploads Closes: 726601 Changes: libcommons-fileupload-java (1.3-2.1) unstable; urgency=low . * Non-maintainer upload. * Add CVE-2013-2186.patch patch. CVE-2013-2186: Arbitrary file upload via deserialization. Properly validate repository in src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java. Thanks to Marc Deslauriers <marc.deslauriers@ubuntu.com> for providing the debdiff. (Closes: #726601) Checksums-Sha1: fd6957d2b6913dc2b26eaf0df51b028a4ba3e10f 2408 libcommons-fileupload-java_1.3-2.1.dsc 207439c5e1f8fa944db80ab7a0365a68f6f334d4 9179 libcommons-fileupload-java_1.3-2.1.debian.tar.gz bc70a2f66186ade550f2fe00a907d1720a5e4d36 61568 libcommons-fileupload-java_1.3-2.1_all.deb 6cf7206315546ff8d51a99c3e993b688f6cbccba 369604 libcommons-fileupload-java-doc_1.3-2.1_all.deb Checksums-Sha256: cca68651a4ad9b7978a9a5c5f62cbcba49090af95a42e7bd9a9bc678a1e81839 2408 libcommons-fileupload-java_1.3-2.1.dsc e538c703b5cd5801b05b4e989e25e7edd4507e62a937284c03857fa70625aa77 9179 libcommons-fileupload-java_1.3-2.1.debian.tar.gz e029f3d4531507116f26f627ef688e65b8d4929aa0f0027007534f4b3ddfabdc 61568 libcommons-fileupload-java_1.3-2.1_all.deb 0043a4b522e9f3c66ebacd27c2b26cf8a0132fed1d1b37b721855041aaa08ab1 369604 libcommons-fileupload-java-doc_1.3-2.1_all.deb Files: 7b2e3b62299b6b4946c24bd142f73e7c 2408 java optional libcommons-fileupload-java_1.3-2.1.dsc 829d99ebfd35ad699f1ad71fa7aa97c5 9179 java optional libcommons-fileupload-java_1.3-2.1.debian.tar.gz f30fad1535858ea305f90a52adca3c3a 61568 java optional libcommons-fileupload-java_1.3-2.1_all.deb ecce775c2962aed6fa772850f6f6e361 369604 doc optional libcommons-fileupload-java-doc_1.3-2.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJSiRq9AAoJEAVMuPMTQ89EGeMP/i6xiuhitDCwCjmBqsySrECa ggBupxurvoY6DDkZF+Q1GWcUB/ARwWMwfalkzeA6DXtSRenuXyfcOHiukofY4hDq 5lNBPfJPaee4KONx0qTuUGIp/8MK06h1Y9o7rNRWSIXoNoTXEdIQFmua3mfajqNc etm0bjXDMNGH7VlABWG0kdjEX82tY5BLvLiVEU16ta4fi4WFE2RExwUKaD/y/x2I 7SEhVZPsoGk9lUFOzrqzu9nH2mxEJu+ym9Yf113cpoLspo11Ng5rQRWZZ3EJ/IOs z2QuwQZKIck1D3LtOeVSCPJ1UE33XNrbLKyqzbMOq6EVC7S4BwACY9SRcD+iLw5/ 4y7k3CYbFJspfClKM316qTjfYIA+Pc7gaB51z/6m7G/vSJ9U2YmuDv2NQIGnzr9A Ra4WMNAhlLo4CjUyhf6TFx6G5QVx5MExYOOyBeFrk4HehwOsBggf55HsBcJk49aW 3zPrVbAk6HXhUtaf1BLRs+o0/YSb90pBAMk1ekIDOdDUU5qWEsrMLb8KsQy+EvNG grGOc+h7MpmsN4Ecug4Knau5ghwccD3xbuEzqLNfydwsjmBBhvY3J3hM3mxUjF3x hpSuIOD4Wr7PvT9Yv9OsbAJmypHshpY6r7fQM30YahAUQvPfGV7I5jWeR1+SGREz tCqW7uU71tdqOlOhByA6 =dXjO -----END PGP SIGNATURE-----
