Format: 1.8
Date: Sun, 18 Sep 2016 16:53:45 +0200
Source: jackrabbit
Binary: libjackrabbit-java
Architecture: source all
Version: 2.3.6-1+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libjackrabbit-java - content repository implementation (JCR API)
Changes:
 jackrabbit (2.3.6-1+deb7u2) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2016-6801: The CSRF content-type check for POST requests did not
     handle missing Content-Type header fields, nor variations in field values
     with respect to upper/lower case or optional parameters. This could be
     exploited to create a resource via CSRF.