Accepted mina2 2.2.1-4 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted mina2 2.2.1-4 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 22 Jul 2025 09:49:00 +0000
Message-id: <[🔎] E1ue9cK-00A9px-2c@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Jul 2025 23:47:20 +0200
Source: mina2
Architecture: source
Version: 2.2.1-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Pierre Gruet <pgt@debian.org>
Closes: 1091530
Changes:
 mina2 (2.2.1-4) unstable; urgency=medium
 .
   * Team upload
   * Fixing CVE-2024-52046: The ObjectSerializationDecoder in Apache MINA uses
     Java’s native deserialization protocol to process incoming serialized
     data but lacks the necessary security checks and defenses. This
     vulnerability allows attackers to exploit the deserialization process by
     sending specially crafted malicious serialized data, potentially leading to
     remote code execution (RCE) attacks.
     Closes: #1091530
Checksums-Sha1:
 0da4d640637d5c42cabc2b2c1883dc48156736fb 2189 mina2_2.2.1-4.dsc
 525a8aac3c97862bc8c3ff71d38a86c825209344 21212 mina2_2.2.1-4.debian.tar.xz
 54b18c999bf64bf1579892f705d6326832aa94cb 15214 mina2_2.2.1-4_amd64.buildinfo
Checksums-Sha256:
 5e6af53180e548d6435ef243f10e289d5e20d18d5fb495378d23cd4fe3dd1254 2189 mina2_2.2.1-4.dsc
 150c9dc97528c1f4204b8452786d8c9ee9cedd9f7caf3357150a3eb48881c7b8 21212 mina2_2.2.1-4.debian.tar.xz
 7d117456845ce91a75cd074d2e370ebe4cb814b7212406ad0f34ad4fb9e41b07 15214 mina2_2.2.1-4_amd64.buildinfo
Files:
 8db51ebe78141ff2a41fe655ee69d9d0 2189 java optional mina2_2.2.1-4.dsc
 90f0ef17172a78d77a59f047f7c7a8cd 21212 java optional mina2_2.2.1-4.debian.tar.xz
 39fc9c9bf45143559baa98ed51ceffd6 15214 java optional mina2_2.2.1-4_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEM8soQxPpC9J9y0UjYAMWptwndHYFAmh/WOEACgkQYAMWptwn
dHZfGg/9Fj0GjvHHkesC+8F0Z9LlCoF7SO8oto2A1DYMMSze56aDsiNyBtpS0qHZ
N9LIoFxbMB0M9vFCfdGuwwpuXKC71G9+osAxMfIMWi6MMjdGuSBIalYbDQ82wL8z
Wt6KJSsFZ031MgrEyvri2q+ackuox7377Q6k2ujtfGZPgAekoLSl1CQteKOPCUvo
xkXrRtSSH2AfYdiKI/AiY1UEPalnkoQoS/L7AQcSlG8H+K11w57U06Lojx29gZmL
AZZ62/dph1G22ORl0bbRAUYxLfPX673QwE0yCAZRLz69DRq6IikxPfpZcqJGbBWf
/TlZ6pMR+H6LKo3WPNNfBbu8nBykj8pB6XrG4fyRpaR8WF5ORhccIg9r9/AEbS2g
h7rwpwx413vgsRtNOjfOPpIZ3zBdbLx+O+xqwEZtSscUO79PCeITTUlgs5OlBO5g
CoPCx1MFJUXqENYWsTEWgTGch6if7HTy2xeJF4rzL/0zPeuVczs6qZ3QP+X5wtTU
oLBXHauh0Jt85mcLywtVboMXIVu0eeNIC3AoCco9d0hzXAa9baABbcADxoWR9vll
E6TvG6FAVk5ajuj0KOnvlMJTgXN5wAhxcFhcm1Lp4jHXo1znSPDXM16+NoeBXE6t
evLNe1k+npXKacv14PjKV9kXnUO4QUoashiQJgT0aZIUfpIc5EU=
=3w1w
-----END PGP SIGNATURE-----

Attachment: pgpHvPAObnZYo.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted qt6-webchannel 6.9.1-1 (source) into experimental
Next by Date: Accepted qt6-httpserver 6.9.1-1 (source) into experimental
Previous by thread: Accepted qt6-webchannel 6.9.1-1 (source) into experimental
Next by thread: Accepted qt6-httpserver 6.9.1-1 (source) into experimental
Index(es):
- Date
- Thread