-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Jan 2017 21:57:14 +0100 Source: groovy Binary: groovy groovy-doc Architecture: source all Version: 1.8.6-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: groovy - Agile dynamic language for the Java Virtual Machine groovy-doc - Agile dynamic language for the Java Virtual Machine (documentatio Changes: groovy (1.8.6-1+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2016-6814: It was found that a flaw in Apache Groovy, a dynamic language for the Java Virtual Machine, allows remote code execution wherever deserialization occurs in the application. It is possible for an attacker to craft a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. Checksums-Sha1: 90526ec57bb2a58c57a256d69621dbb7a1200073 2616 groovy_1.8.6-1+deb7u2.dsc 38514ca88cb214e50b252720c737233f67507968 2794777 groovy_1.8.6.orig.tar.gz 72d6723735c75d0907390c30d103ff6eae0d739f 15515 groovy_1.8.6-1+deb7u2.debian.tar.gz 4f0bd157ce6b36a0124d5b6877c9071bdc0e8b90 10441110 groovy_1.8.6-1+deb7u2_all.deb 73c1419f84a8fdf752ddd92a8a6707a5edc0f7d5 4711134 groovy-doc_1.8.6-1+deb7u2_all.deb Checksums-Sha256: 11706ff7327154eed19b1f4e9126637457609a2c4f3713ac51fc118c269e70bb 2616 groovy_1.8.6-1+deb7u2.dsc 15bffe8a0432c7f316511d7259837f5fe4d4126acbc5ba8eaa2c39409e98646f 2794777 groovy_1.8.6.orig.tar.gz 7b7b633c1cd8f5bece6d33ed72a015bb6d66caccee5bfcdfdbee4ac990a21512 15515 groovy_1.8.6-1+deb7u2.debian.tar.gz 7aded86b9ff5f01da17e72cc9788b8bdb56224d21016264455610d9e25da5b33 10441110 groovy_1.8.6-1+deb7u2_all.deb 655fedd8b0eb7ff8c49e910c6118709457d9e7e9a61a734a9bd1fffbdb2c5d04 4711134 groovy-doc_1.8.6-1+deb7u2_all.deb Files: c3c40b5b46e1d52b209fea73d285378a 2616 java optional groovy_1.8.6-1+deb7u2.dsc eaf00260343f91da32a2aea900f7aa24 2794777 java optional groovy_1.8.6.orig.tar.gz 2ed7e313a6226178b7a6307cf02b096f 15515 java optional groovy_1.8.6-1+deb7u2.debian.tar.gz 18cb3e4b0751a721044edb57e881349f 10441110 java optional groovy_1.8.6-1+deb7u2_all.deb 128c63c2a3f259638d6711a305b74151 4711134 doc optional groovy-doc_1.8.6-1+deb7u2_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAliFIxpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkEpsP+QHlE2LIZrj4Je5NSj87YPiEgH83xUqdMgNH lOyuaTTuz9TMzjF7rzLEpT6exGJsfcUcgNpNmXHymIXJFQqUokmO3WM+xWAw3bVi 8b6BRqc56CgUaTSdoqsO5cPXXwipEEWAILTFyU2v2i/nnOsVnWf8pMGhblTXEerX PURIfsC5lNQYJ0sLW7NPndA24m+M9RDrEoFteuelFwZn4DoASK/v0Mn+H+vslZvD 8yV4q162FIDd7rSVwrAP+s9hevGZTzlF7T5B6S75+KDA/bPL0ed1f1baOcA7OSww IwLX5RTp1ST1C8bTm1nzKE93k19PwC4tOGXQ9OJOLM+pdFNQTAmPDoYFQ3V2p0L3 P/f2QpMC1vOzSsFyOWzFL6aL3q7h3UhEKYCmzFzMkiPQTlRs7Xn+tJkvVy3BN4yg KOm+HxOVDnEs9OxXOfQY4Tis4Zu9fFoNBINopsRndjodp5YaNCM4h+Wmbep4NDfu MVm5BVXPHa47NzLmUIYU0dcSkzQyLIYzj3Ud02h2PdYERMHha5SieBdRkyhja73h ZF6DR05paE40BcSEozs/PTukp+lKuHnJxzgZyfG7F3LnUtlD8HJp4fs/mN+aYFxe sIk2l6kMB/ERXuY1E/LOsI/lGJgk8d0rzqDWzmOkjzHB4p8uZLKj71UpcmaXFSk7 CtkomVj7 =uKlp -----END PGP SIGNATURE-----