kotlin - Debian Package Tracker

general

versioned links

1.3.31+~1.0.1+~0.11.12-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

A new upstream version is available: 1.6.0-RC2+~1.6.0-RC+~0.17.0 high

A new upstream version 1.6.0-RC2+~1.6.0-RC+~0.17.0 is available, you should consider packaging it.

Created: 2021-11-19 Last update: 2021-11-26 19:31

2 security issues in sid high

2 important issues:

CVE-2020-15824: In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-29582: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.

Created: 2021-11-20 Last update: 2021-11-20 17:26

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2021-11-25 Last update: 2021-11-26 23:34

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.5.0).

Created: 2021-11-19 Last update: 2021-11-20 17:37

testing migrations

[2021-11-20] Accepted kotlin 1.3.31+~1.0.1+~0.11.12-2 (source) into unstable (Andrej Shadura) (signed by: Andrew Shadura)
[2021-11-19] Accepted kotlin 1.3.31+~1.0.1+~0.11.12-1 (all source) into unstable, unstable (Debian FTP Masters) (signed by: Andrew Shadura)

bugs [bug history graph]

links