Debian Package Tracker

general

source: openjfx (main)
version: 11.0.2+1-1
maintainer: Debian Java Maintainers (archive) [DMD]
uploaders: Emmanuel Bourg [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 8u111-b14-1
old-sec: 8u141-b14-3~deb9u1
stable: 11.0.2+1-1
testing: 11.0.2+1-1
unstable: 11.0.2+1-1

versioned links

8u111-b14-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
8u141-b14-3~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
11.0.2+1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libopenjfx-java
libopenjfx-java-doc
libopenjfx-jni
openjfx (3 bugs: 0, 3, 0, 0)
openjfx-source

action needed

A new upstream version is available: 11.0.3+1 high

A new upstream version 11.0.3+1 is available, you should consider packaging it.

Created: 2019-04-13 Last update: 2019-07-22 23:54

Multiarch hinter reports 4 issue(s) normal

There are issues with the multiarch metadata for this package.

libopenjfx-java-doc could be marked Multi-Arch: foreign
openjfx-source could be marked Multi-Arch: foreign
libopenjfx-jni could be marked Multi-Arch: same
openjfx could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2019-07-23 01:33

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2019-02-07 Last update: 2019-07-23 01:30

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2018-2581: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).
CVE-2018-2941: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
CVE-2018-3209: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g. code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Please fix them.

Created: 2018-01-17 Last update: 2019-07-07 09:01

Build log checks report 3 warnings low

Build log checks report 3 warnings

Created: 2018-10-04 Last update: 2018-10-04 03:13

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-07-08 20:08

testing migrations

This package is part of the ongoing testing transition known as python2-rm. Please avoid uploads unrelated to this transition, they would likely delay it and require supplementary work from the release managers. On the other hand, if your package has problems preventing it to migrate to testing, please fix them as soon as possible. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2019-02-07] openjfx 11.0.2+1-1 MIGRATED to testing (Debian testing watch)
[2019-01-20] Accepted openjfx 11.0.2+1-1 (source) into unstable (Emmanuel Bourg)
[2018-12-17] openjfx 11.0.1+1-1 MIGRATED to testing (Debian testing watch)
[2018-12-04] Accepted openjfx 11.0.1+1-1 (source) into unstable (Emmanuel Bourg)
[2018-11-01] openjfx 11+26-5 MIGRATED to testing (Debian testing watch)
[2018-10-19] Accepted openjfx 11+26-5 (source) into unstable (Frédéric Bonnard)
[2018-10-10] Accepted openjfx 11+26-4 (source) into unstable (Markus Koschany)
[2018-10-07] Accepted openjfx 11+26-3 (source) into unstable (Markus Koschany)
[2018-10-06] Accepted openjfx 11+26-2 (source) into unstable (Emmanuel Bourg) (signed by: Markus Koschany)
[2018-10-03] Accepted openjfx 11+26-1 (source) into unstable (Emmanuel Bourg)
[2018-06-12] Accepted openjfx 8u171-b11-2 (source) into unstable (Emmanuel Bourg)
[2018-06-11] Accepted openjfx 8u171-b11-1 (source) into unstable (Emmanuel Bourg)
[2018-04-28] openjfx REMOVED from testing (Debian testing watch)
[2018-04-04] Accepted openjfx 8u161-b12-1 (source) into unstable (Emmanuel Bourg)
[2017-10-22] Accepted openjfx 8u151-b12-1 (source) into unstable (Emmanuel Bourg)
[2017-10-11] openjfx 8u141-b14-3 MIGRATED to testing (Debian testing watch)
[2017-10-06] Accepted openjfx 8u141-b14-3 (source) into unstable (Emmanuel Bourg)
[2017-10-04] Accepted openjfx 8u141-b14-2 (source) into unstable (Emmanuel Bourg)
[2017-10-04] Accepted openjfx 8u141-b14-1 (source) into unstable (Emmanuel Bourg)
[2017-04-19] Accepted openjfx 8u131-b11-2 (source) into unstable (Emmanuel Bourg)
[2017-04-19] Accepted openjfx 8u131-b11-1 (source) into unstable (Emmanuel Bourg)
[2017-01-25] Accepted openjfx 8u121-b13-2 (source) into unstable (Emmanuel Bourg)
[2017-01-24] Accepted openjfx 8u121-b13-1 (source) into unstable (Emmanuel Bourg)
[2016-11-30] openjfx 8u111-b14-1 MIGRATED to testing (Debian testing watch)
[2016-11-24] Accepted openjfx 8u111-b14-1 (source all amd64) into unstable (Emmanuel Bourg)
[2016-10-25] Accepted openjfx 8u102-b14-1~bpo8+1 (source amd64 all) into jessie-backports (Emmanuel Bourg)
[2016-08-01] openjfx 8u102-b14-1 MIGRATED to testing (Debian testing watch)
[2016-07-26] Accepted openjfx 8u102-b14-1 (source) into unstable (Emmanuel Bourg)
[2016-05-17] Accepted openjfx 8u91-b14-1~bpo8+1 (source amd64 all) into jessie-backports (Emmanuel Bourg)
[2016-05-17] openjfx 8u91-b14-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 3
RC: 0
I&N: 3
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 11.0.2+1-1
5 bugs