Debian Package Tracker

From: Emmanuel Bourg <ebourg@apache.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libcommons-collections3-java 3.2.1-7+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates
Date: Thu, 26 Nov 2015 21:47:07 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 24 Nov 2015 12:18:15 +0100
Source: libcommons-collections3-java
Binary: libcommons-collections3-java libcommons-collections3-java-doc
Architecture: source all
Version: 3.2.1-7+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebourg@apache.org>
Description:
 libcommons-collections3-java - Apache Commons Collections - Extended Collections API for Java
 libcommons-collections3-java-doc - Documentation for libcommons-collections3-java
Changes:
 libcommons-collections3-java (3.2.1-7+deb8u1) jessie-security; urgency=medium
 .
   * Backported a modification from commons-collections 3.2.2 disabling
     the deserialization of the functors classes unless the system property
     org.apache.commons.collections.enableUnsafeSerialization is set to true.
     This fixes a vulnerability in unsafe applications deserializing objects
     from untrusted sources without sanitizing the input data.
Checksums-Sha1:
 74861837f1c2a907cf2f3d1eac037b4527217dc6 2383 libcommons-collections3-java_3.2.1-7+deb8u1.dsc
 d33ad9aa2d1388d1caf347770eb32076ffd1e195 611057 libcommons-collections3-java_3.2.1.orig.tar.gz
 796d80aa41678743a74e7eead6b82d72ec269727 8740 libcommons-collections3-java_3.2.1-7+deb8u1.debian.tar.xz
 2f29f0df456ae2297fdf07918171efc80f55df14 596694 libcommons-collections3-java_3.2.1-7+deb8u1_all.deb
 3511600686c16d042dc04c0b6f95bf9af7940133 473276 libcommons-collections3-java-doc_3.2.1-7+deb8u1_all.deb
Checksums-Sha256:
 c7e5cab1c77ac78219f93a6b23a7c9b80b0b9390433c7445a6ea0e04f8c21f33 2383 libcommons-collections3-java_3.2.1-7+deb8u1.dsc
 36b4a1fb1e9a31e41f8d6b1abdbb76967035b20c06850506a13a782d51e68ecd 611057 libcommons-collections3-java_3.2.1.orig.tar.gz
 0aac6d93b7d4b9c000c17b9ff15353c5e9fa5464b81802e4605f316d40ae596a 8740 libcommons-collections3-java_3.2.1-7+deb8u1.debian.tar.xz
 95b421f1263d138e0b7af6d822c22e3618221f6a0b08c71e89d113da150e02e6 596694 libcommons-collections3-java_3.2.1-7+deb8u1_all.deb
 ee17a007208571b441ce338f0756a3c499a2a594ca1611fab0ecd1659d40caaa 473276 libcommons-collections3-java-doc_3.2.1-7+deb8u1_all.deb
Files:
 0c1b39b1d54eda089657c5b24d74c47d 2383 java optional libcommons-collections3-java_3.2.1-7+deb8u1.dsc
 ca4f5a29715733d2622cd0bb2f6bb48b 611057 java optional libcommons-collections3-java_3.2.1.orig.tar.gz
 1cb8c4fc8be768d2d9d9df30b98f38ea 8740 java optional libcommons-collections3-java_3.2.1-7+deb8u1.debian.tar.xz
 5b9de02c9d76ad3eeb6777cf80ec88dc 596694 java optional libcommons-collections3-java_3.2.1-7+deb8u1_all.deb
 29ed230f7190fd1f45845b3df30112f3 473276 doc optional libcommons-collections3-java-doc_3.2.1-7+deb8u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWVF+WAAoJEPUTxBnkudCsHqYP/0SmSEFoiljygcqQHnl10+dH
3AG/aG2zhCHuP+rwwiQP8uUXWAnnHyNk6nTRevENgWtQtgY/PzsUmIpP8EKSsu2j
nVhwLR/vhYXIr6igwvdjmrAyfFtTnVoIFSt+6ogE0SQZTwdeP65u2G6tSj+0liM7
euYUHuRixXvurUjW5NLgFRxzhs6AmbmlFh2DvyfyJ/wf6MLB8uq3JYM+RCT0yPeu
qlED3iTtYmJtihLjkxb/fs1ehaMM0XeitphA4NnqqoNy1K7j7Y8H6yu406QnQCi6
Qeu9b/Z4KziiMhqNDJ4T+GB0WO+sF9+rEjZ5jG+ZsNDlFNs1CNGyvLsAetID5O7s
NlWYGV1V6Pz40dxzPQd46qAPqE/846MUIpsFroICoWA+SOAzUmz+0XYaKKxf6PR3
FmL0LVMxolCBRlOwv1Ib5H5TefcX+cYz6odFvxVMAngNOw08icQjc5Lrw+gCNbhz
DGrWT3lnMKb+W2W7zI4EKbcPj+h+l1XzeWdl7IUsdYV3OkpW3fjIsH6DbMgFetLz
0p8xcmV6jXXOfCM9D3E2bAkWEYBpllsIom8NHUAm9XT+pUw2MTWBrHF9ELfWOX1M
kCuRUIOcyvpEHfyKWw7e9tMdUF6cL33VmT2++FAnx5JtRBKSqqIfhTrxSgq1HY8Z
bVmoV+heAlVck58mXmu/
=epZY
-----END PGP SIGNATURE-----
News for package libcommons-collections3-java
