Accepted activemq 5.17.6+dfsg-2 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted activemq 5.17.6+dfsg-2 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Mon, 02 Jun 2025 16:04:57 +0000
Message-id: <[🔎] E1uM7ej-009VmT-Gc@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 29 May 2025 16:29:53 -0300
Source: activemq
Architecture: source
Version: 5.17.6+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Arias <eamanu@debian.org>
Closes: 1104933
Changes:
 activemq (5.17.6+dfsg-2) unstable; urgency=medium
 .
   [ Pierre Gruet ]
   * Removing the patch about missing Maven artifact as libxstream-java now
     properly declares the classpath of its jar
 .
   [Emmanuel Arias]
   * CVE-2025-27533: Avoid memory allocation with excessive size value during
     unmarshalling of OpenWire commands. The size value of buffers was not
     properly validated which could lead to excessive memory allocation
     and be exploited to cause a denial of service (Closes: #1104933).
     - d/control: Add libjavassist-java as build dependency. It is needed for
     the patch.
   * d/control: Add myself as uploaders.
Checksums-Sha1:
 b094c4c9a8370796f55f64508e8fc87a590a86a5 3605 activemq_5.17.6+dfsg-2.dsc
 2dd2c7746e3be1e0d648c7276d436feca7e2235d 27968 activemq_5.17.6+dfsg-2.debian.tar.xz
 18c0a3f945796edce2fcdc35b5311975f1ffc089 18889 activemq_5.17.6+dfsg-2_amd64.buildinfo
Checksums-Sha256:
 169caefb8ae24ad6c4e63a539a745901eb59dd2d01dc58955d72116bb59cb5f8 3605 activemq_5.17.6+dfsg-2.dsc
 b7743fece6e99c697bb64754ea98f6fe8704817f7d58ce9bbaba22df47c365ea 27968 activemq_5.17.6+dfsg-2.debian.tar.xz
 a2eae3f55bbe5da6508f01288f7cf324b9aaee4805d3ac0ef827534c56d53e40 18889 activemq_5.17.6+dfsg-2_amd64.buildinfo
Files:
 9e8331b5f6fae3dfe52c05461259459a 3605 java optional activemq_5.17.6+dfsg-2.dsc
 b38bb184cc4adc0e0508d003f1e77800 27968 java optional activemq_5.17.6+dfsg-2.debian.tar.xz
 41e666d9faf7388d2d46647fb29fd347 18889 java optional activemq_5.17.6+dfsg-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEE3lnVbvHK7ir4q61+p3sXeEcY/EFAmg9xZQSHGVhbWFudUBk
ZWJpYW4ub3JnAAoJEPqd7F3hHGPxMA0P/ikANbISCbTBwftdl4yjPfD1LUrdzXy6
1kAb+7EB6geJwLzh/yKl4zMTIJ3iU0QgpdcOqOcM/FlZB6qVGSwyuC02k1pHZb9m
DX5xO43VWe4BM7vJ6Vy7cexSjgO+un6B3OJ3CMViCBtYv4WiA/dUF5xNe0B0G/h3
KwSGlRAGpMMFuSTi/o1iiQaxOWIUOyrfCNsloKF1Q18KpQIZIQUy6pO2O1ctt6VT
l+gkIM7OPjQHEZcbN9ZiLOcLgZRmGUgJe4M/W2FIStkoG/yjQTy29b0J+YJddxAr
2VEBCGDOqkBhFFFOE/UzxBtPBNmOLJfnsdtcHaqus3aXQn5Pf5WJS7/DBEQtcsU+
R240KWxnL4DHB2xKxzGFgC+UvTtkDDr3IEMVyyVbSpB+tpElpsx60CRwATvLlyEK
v3LKG12nak54H2hptcdbDAbdlF2fv2uI/mlTwGoKN6FMcDmGFq2PiItofN5g1BBd
0N5JSNcShyN08zq0dirCnWS4cnL4G9Fg041PqpgwDtEnryPOoOhECpl97PalWCRb
rgHVkkQIxBW+ibzqHxCw8/2Hl8vD1KY43Zgn4Acv+djeoNUs0LDFfE/ZiebJRgkr
FE8hMw0tGqt+D9Lq69EIpN+VURl0Y/qZ6lIDffehikVH3OaxTg6/bpmrp/wcmc6W
sezx3qRsV1v5
=iJ1T
-----END PGP SIGNATURE-----

Attachment: pgpuLQc56odd0.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted osdclock 0.5-27 (source) into experimental
Next by Date: Accepted postgres-decoderbufs 3.2.0~beta1-1 (source) into experimental
Previous by thread: Accepted osdclock 0.5-27 (source) into experimental
Next by thread: Accepted postgres-decoderbufs 3.2.0~beta1-1 (source) into experimental
Index(es):
- Date
- Thread