Debian Package Tracker

general

source: openjfx (main)
version: 11.0.7+0-5
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Emmanuel Bourg [DMD]
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 8u141-b14-3~deb9u1
old-sec: 8u141-b14-3~deb9u1
stable: 11.0.2+1-1
testing: 11.0.7+0-5
unstable: 11.0.7+0-5

versioned links

8u111-b14-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
8u141-b14-3~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.0.2+1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.0.7+0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libopenjfx-java
libopenjfx-java-doc
libopenjfx-jni
openjfx (5 bugs: 0, 5, 0, 0)
openjfx-source

action needed

A new upstream version is available: 11.0.10+0 high

A new upstream version 11.0.10+0 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-01-16 07:32

Multiarch hinter reports 4 issue(s) normal

There are issues with the multiarch metadata for this package.

libopenjfx-java-doc could be marked Multi-Arch: foreign
openjfx-source could be marked Multi-Arch: foreign
libopenjfx-jni could be marked Multi-Arch: same
openjfx could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2021-01-16 04:05

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 11.0.7+0-6, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit abdf9c68114d710391f157b2891af6f3cb46a7a0
Author: tony mancill <tmancill@debian.org>
Date:   Mon Sep 21 06:37:15 2020 -0700

    interim changelog
    
    Gbp-Dch: ignore

commit 13611b6ba94f97c79f2c0d9b73aefeffa768f2d5
Author: tony mancill <tmancill@debian.org>
Date:   Mon Sep 21 06:36:22 2020 -0700

    Remove/revert patch to force NUM_COMPILE_THREADS=1

Created: 2020-09-21 Last update: 2021-01-15 19:04

lintian reports 13 warnings normal

Lintian reports 13 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-09-21 Last update: 2020-09-21 06:03

5 ignored security issues in stretch low

There are 5 open security issues in stretch.

5 issues skipped by the security teams:

CVE-2018-2581: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).
CVE-2018-2941: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVE-2018-3209: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVE-2020-14664: Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVE-2020-2585: Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).

Please fix them.

Created: 2018-01-17 Last update: 2020-10-22 06:00

Build log checks report 3 warnings low

Build log checks report 3 warnings

Created: 2020-09-21 Last update: 2020-09-21 23:36

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

news

[rss feed]

[2020-10-22] openjfx 11.0.7+0-5 MIGRATED to testing (Debian testing watch)
[2020-09-21] Accepted openjfx 11.0.7+0-5 (source) into unstable (Stephen Kitt)
[2020-09-21] Accepted openjfx 11.0.7+0-5~exp2 (source) into experimental (Stephen Kitt)
[2020-09-21] Accepted openjfx 11.0.7+0-5~exp1 (source) into experimental (Stephen Kitt)
[2020-09-03] Accepted openjfx 11.0.7+0-4 (source) into unstable (tony mancill)
[2020-08-06] Accepted openjfx 11.0.7+0-3 (source) into unstable (tony mancill)
[2020-07-09] Accepted openjfx 8u141-b14-3~deb9u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Emmanuel Bourg)
[2020-04-23] openjfx 11.0.7+0-2 MIGRATED to testing (Debian testing watch)
[2020-04-13] Accepted openjfx 11.0.7+0-2 (source) into unstable (Emmanuel Bourg)
[2020-04-10] Accepted openjfx 11.0.7+0-1 (source) into unstable (Emmanuel Bourg)
[2020-04-10] openjfx 11.0.2+1-2 MIGRATED to testing (Debian testing watch)
[2020-04-04] Accepted openjfx 11.0.2+1-2 (source) into unstable (Markus Koschany)
[2019-02-07] openjfx 11.0.2+1-1 MIGRATED to testing (Debian testing watch)
[2019-01-20] Accepted openjfx 11.0.2+1-1 (source) into unstable (Emmanuel Bourg)
[2018-12-17] openjfx 11.0.1+1-1 MIGRATED to testing (Debian testing watch)
[2018-12-04] Accepted openjfx 11.0.1+1-1 (source) into unstable (Emmanuel Bourg)
[2018-11-01] openjfx 11+26-5 MIGRATED to testing (Debian testing watch)
[2018-10-19] Accepted openjfx 11+26-5 (source) into unstable (Frédéric Bonnard)
[2018-10-10] Accepted openjfx 11+26-4 (source) into unstable (Markus Koschany)
[2018-10-07] Accepted openjfx 11+26-3 (source) into unstable (Markus Koschany)
[2018-10-06] Accepted openjfx 11+26-2 (source) into unstable (Emmanuel Bourg) (signed by: Markus Koschany)
[2018-10-03] Accepted openjfx 11+26-1 (source) into unstable (Emmanuel Bourg)
[2018-06-12] Accepted openjfx 8u171-b11-2 (source) into unstable (Emmanuel Bourg)
[2018-06-11] Accepted openjfx 8u171-b11-1 (source) into unstable (Emmanuel Bourg)
[2018-04-28] openjfx REMOVED from testing (Debian testing watch)
[2018-04-04] Accepted openjfx 8u161-b12-1 (source) into unstable (Emmanuel Bourg)
[2017-10-22] Accepted openjfx 8u151-b12-1 (source) into unstable (Emmanuel Bourg)
[2017-10-11] openjfx 8u141-b14-3 MIGRATED to testing (Debian testing watch)
[2017-10-06] Accepted openjfx 8u141-b14-3 (source) into unstable (Emmanuel Bourg)
[2017-10-04] Accepted openjfx 8u141-b14-2 (source) into unstable (Emmanuel Bourg)

bugs [bug history graph]

all: 6
RC: 0
I&N: 6
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 13)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 11.0.7+0-5ubuntu1
patches for 11.0.7+0-5ubuntu1