Accepted libthrift-java 0.9.1-2.1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted libthrift-java 0.9.1-2.1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates
From: Andreas Beckmann <anbe@debian.org>
Date: Sat, 08 Jun 2019 17:32:25 +0000
Message-id: <[🔎] E1hZfCb-000Hl6-HW@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 05 Jun 2019 02:55:16 +0200
Source: libthrift-java
Binary: libthrift-java
Architecture: source
Version: 0.9.1-2.1~deb9u1
Distribution: stretch
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Andreas Beckmann <anbe@debian.org>
Description:
 libthrift-java - Java language support for Thrift
Closes: 918736
Changes:
 libthrift-java (0.9.1-2.1~deb9u1) stretch; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for stretch.
 .
 libthrift-java (0.9.1-2.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2018-1320:
     It was discovered that it was possible to bypass SASL negotiation
     isComplete validation in the org.apache.thrift.transport.TSaslTransport
     class. An assert used to determine if the SASL handshake had successfully
     completed could be disabled in production settings making the validation
     incomplete. (Closes: #918736)
Checksums-Sha1:
 2f8644b57303fd19a2641d2db299a261491a7ae7 2203 libthrift-java_0.9.1-2.1~deb9u1.dsc
 9b0a6d34e1ba07debc8ea3e6232f07d7bd943b5b 3288 libthrift-java_0.9.1-2.1~deb9u1.debian.tar.xz
 279c985f85a6bdcec3bf5d4a5d4e66993f536420 15015 libthrift-java_0.9.1-2.1~deb9u1_source.buildinfo
Checksums-Sha256:
 0588b44f236fabef34aa13897966648ca3d219c97fc4ef054313fbf7fd349383 2203 libthrift-java_0.9.1-2.1~deb9u1.dsc
 002509827e42d6cef130629052cbba9acf729c0f6c675c90bccf0304045665c4 3288 libthrift-java_0.9.1-2.1~deb9u1.debian.tar.xz
 5ffbd4f3f04f6107fec1f042b9c2fbefe72c293eaaa851f754c75e19251f1ea5 15015 libthrift-java_0.9.1-2.1~deb9u1_source.buildinfo
Files:
 dfc52f5a6052f663fe3375bd71eadb32 2203 java extra libthrift-java_0.9.1-2.1~deb9u1.dsc
 3cc21675499a3adaaa074831ed39453c 3288 java extra libthrift-java_0.9.1-2.1~deb9u1.debian.tar.xz
 b31117c8f12a8c7b119c8958c3c75270 15015 java extra libthrift-java_0.9.1-2.1~deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAlz3F4wQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCEUQD/4pqsy31r4ISw6FtvPBB+zmXhzziZszwiA9
RwtP8+xOEvEN6DHCS1qajtX0BWuYq+zov+cL0Xzz6xaOTc3xgB2GlZ2v+J4qHnJ4
mSFjJDPKQdU3csSAy/P1aHh3IduLN+roUTmUaBfqZd8Z38WqhHJY5pcn0gzHtGom
gd9OhXzPGPJ33gUHlhjCYBRALnE3sl2JO1rJrMDBiUkY09mXKkIRwUNRciEIvjNK
Sm2jY0dFMDclVV0z7umE77G+TzTLRKbxAiR5/Kq2DpfZiLADIyASCsWkPBdcbfJC
PccMGPHYedb/qbuX4AnvugKaXkNfVcPTQ0e/Bf9Ku7/J86t5qyG412LGPr6ZMLBz
V2VkWNlID73Hm3bas1VYKuni2rWxgT67fBu/SB+nQjNIuQuPk9kXHHGaBWzjB3Wz
z5saCTbFisc4Jey0K4XOIBij1InjBfH65FiQpE9ojVLbMXkTGes6jiEgTozdQnd9
H4ivqe9t77sKrWsOIC4xpKBUibZUIB8DzERjNnJj1Sh5JHGi6fJ0AsiPeiumIxwT
Sp7DKN1A0J0/Q0s98cCNQuuZ0xYFnECPCQK3gAMGK0uE9pbmuWSdgyf5DR/cfcXd
64bjYTsBQZvt9vAq8AlBi48tZ01ZxdvgtwyiB2XPjq4ojJrcfiaMBoAbSbSVPqLG
t4aMZ4zu7g==
=uhK7
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted minissdpd 1.2.20130907-4.1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Next by Date: Accepted libevent-rpc-perl 1.08-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
Previous by thread: Accepted minissdpd 1.2.20130907-4.1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Next by thread: Accepted libevent-rpc-perl 1.08-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
Index(es):
- Date
- Thread