-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Jun 2016 17:41:55 +0200 Source: libcommons-fileupload-java Binary: libcommons-fileupload-java libcommons-fileupload-java-doc Architecture: source all Version: 1.2.2-1+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libcommons-fileupload-java - File upload capability to your servlets and web applications libcommons-fileupload-java-doc - Javadoc API documentation for Commons FileUploads Changes: libcommons-fileupload-java (1.2.2-1+deb7u3) wheezy-security; urgency=high . * Team upload * Fix CVE-2016-3092: A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file. This caused the file upload process to take several orders of magnitude longer than if the boundary was the typical tens of bytes long. Checksums-Sha1: 577de36d18286be237c67bf85f7ffb1252140627 2552 libcommons-fileupload-java_1.2.2-1+deb7u3.dsc e37cba3cbe6f236c07316513de2f7c7e451dd95a 9883 libcommons-fileupload-java_1.2.2-1+deb7u3.debian.tar.gz 030e2d918fa8debf331db8f3734e583bbdb0f7b6 54574 libcommons-fileupload-java_1.2.2-1+deb7u3_all.deb 612d991b998a77caeadb634053493b309dd9beea 372994 libcommons-fileupload-java-doc_1.2.2-1+deb7u3_all.deb Checksums-Sha256: 13e1f0223d92977112c4bb6adb6219029b45dec9edea22bb274b4cff4c4e4fe2 2552 libcommons-fileupload-java_1.2.2-1+deb7u3.dsc 2193b4eade1f1f2903e34eed5cf4727ec65620ad55d73988e6ed2397872e0456 9883 libcommons-fileupload-java_1.2.2-1+deb7u3.debian.tar.gz 5dcab617af7a39e58a19282153f9944d96ea0e8feb89633d64e04dfb64dce09f 54574 libcommons-fileupload-java_1.2.2-1+deb7u3_all.deb 4cfb10390ec76bed64d4260923ed379fa24f743c1442dcb8b5a6b9969f7c6314 372994 libcommons-fileupload-java-doc_1.2.2-1+deb7u3_all.deb Files: f7a6fe975ddc0b54ed04dafc5aaae814 2552 java optional libcommons-fileupload-java_1.2.2-1+deb7u3.dsc 18dbfdeeaa791084e6d348e76b5f083d 9883 java optional libcommons-fileupload-java_1.2.2-1+deb7u3.debian.tar.gz ac951b51b59c37684e4bf39707b8d5f3 54574 java optional libcommons-fileupload-java_1.2.2-1+deb7u3_all.deb 9ceee4eaa7dbb3a6f34650de53eb70ff 372994 doc optional libcommons-fileupload-java-doc_1.2.2-1+deb7u3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXcBmUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hkto4QAK/HPMGD4uUilHGhBdRtGafZ ucMPP1H+nN7JSMKbZl79jKk5ZH9kDSWHW4wEjmuP7uWaQ/L5Eji/AWSn7sg9WZbZ +sWhZ9kFEuleIWQ0bPCAGjhHeTvfoliHDXwRZNtm/AwX7liAj1DRU8GzaydXHadQ 8Rg/DTXQEcX+5mkj3prXLTQ3rm8se9dTBiiy8bqXSVjvCpi37IGJ8nfXbZC55EAB F0Adh/o5aIANDw+IDfpLzeH9d3y5Zm8i1XXl8gz4QSz8lx/Rl/iSgMDstk8qilCm bR52yy/vDiRO1DlgBukSxW6CpQnLZPZHARBfj9WC4ttPzyE+SfLDLr8pjM1Z6KBq Cl4d+hq1mvcnqsxab+YVaIVD/kCwOQZuhSIBF0q4qnacFp8WWxAgELvV3AgBs1d4 IaH/bCxQYYNlx1gTIgsePou4r87d/3mFWbUkmw7q52UFCyYZkUsgzjyMQMUVEfz6 bb2Ut4qD5BgMQBWn0qXEsVKMKQGFugmbpuMH9cESGR5uiBN/uDWxFjRa06PBAuvs El1pOcIXkeoyLmRyAb38y+2x1LnXyvTwUk1kDw92lqGzqNV4+0UB3hQcppu5sAbN uj1vjiKGsi+CYY0hgo8Tots3BZcYHFuWLdcALaYBp5fhz+cS5yb6nG5A2USbSaUF EQIApjwuI6L4I928EraN =Ts6H -----END PGP SIGNATURE-----