emacs-bug-tracker
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47342: closed (java-xstream@1.4.15 is vulnerable to CVE-2021-21341,


From: GNU bug Tracking System
Subject: bug#47342: closed (java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351)
Date: Tue, 23 Mar 2021 22:32:01 +0000

Your message dated Tue, 23 Mar 2021 23:31:32 +0100
with message-id <20210323233132.63d67c9b@tachikoma.lepiller.eu>
and subject line Re: bug#47342: java-xstream@1.4.15 is vulnerable to 
CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, 
CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 
and CVE-2021-21351
has caused the debbugs.gnu.org bug report #47342,
regarding java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, 
CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, 
CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
47342: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=47342
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351 Date: Tue, 23 Mar 2021 15:33:26 +0100 User-agent: Evolution 3.34.2
Upstream has made a release: 1.4.16 - which fixes all the issues,
following is an unfinished patchset that fixes the issues, java-
mxparser package does not build and help from some more experienced
Java packagers is welcome to fix and push this patchset.

Attachment: signature.asc
Description: This is a digitally signed message part


--- End Message ---
--- Begin Message --- Subject: Re: bug#47342: java-xstream@1.4.15 is vulnerable to CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350 and CVE-2021-21351 Date: Tue, 23 Mar 2021 23:31:32 +0100
Le Tue, 23 Mar 2021 15:33:26 +0100,
Léo Le Bouter via Bug reports for GNU Guix <bug-guix@gnu.org> a écrit :

> Upstream has made a release: 1.4.16 - which fixes all the issues,
> following is an unfinished patchset that fixes the issues, java-
> mxparser package does not build and help from some more experienced
> Java packagers is welcome to fix and push this patchset.

Pushed as 4490dff98c6979a77f3982716239b526e0ef1337 to
8b2b5463963d5d4dee480b0cf73fa4a9eca414ba to master,
with changes discussed on IRC.

Thanks a lot for noticing it!


--- End Message ---

reply via email to

[Prev in Thread] Current Thread [Next in Thread]