Debian Package Tracker - libquartz2-java

A new upstream version is available: 2.3.1 high

A new upstream version 2.3.1 is available, you should consider packaging it.

Created: 2019-03-28 Last update: 2019-09-22 06:39

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-13990: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

Please fix it.

Created: 2019-07-27 Last update: 2019-08-20 20:34

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-13990: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

Please fix it.

Created: 2019-07-27 Last update: 2019-08-20 20:34

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-13990: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

Please fix it.

Created: 2019-07-27 Last update: 2019-08-20 20:34

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2019-13990: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

Please fix it.

Created: 2019-07-27 Last update: 2019-08-20 20:34

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-07-08 20:08