Re: Bug#559789: libgnucrypto-java: CVE-2008-5659 predictable random number generator

To: Michael Gilbert <michael.s.gilbert@gmail.com>, control@bugs.debian.org
Cc: 559789-quiet@bugs.debian.org, debian-java@lists.debian.org
Subject: Re: Bug#559789: libgnucrypto-java: CVE-2008-5659 predictable random number generator
From: Torsten Werner <twerner@debian.org>
Date: Sat, 23 Jan 2010 17:40:29 +0100
Message-id: <[🔎] 4B5B267D.7000408@debian.org>
In-reply-to: <20091206223343.f79c1ef2.michael.s.gilbert@gmail.com>
References: <20091206223343.f79c1ef2.michael.s.gilbert@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

retitle 559789 RM: libgnucrypto-java -- RoM; security issue, no rdeps,
low popcon
reassing 559789 ftp.debian.org
clone 559789 -1
retitle -1 RM: libgnucrypto-java/stable -- RoM; security issue, no
rdeps, low popcon
reassing -1 release.debian.org
thanks

Hi,

Michael Gilbert schrieb:
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for classpath.  libgnucrypto-java embeds classpath, so it is
> also affected.
> 
> CVE-2008-5659[0]:

there is no need to keep this old package IMHO. That is why I am filing
removal requests.

Cheers,
Torsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAktbJn0ACgkQfY3dicTPjsNfkQCeOniYUI9Wzu1LfW/DHVKtJQzQ
bfYAn0CA1JD/ZlGm9pk+2GnsFgP19BWA
=Q6Bf
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Re: clojure packaging (fwd)
Next by Date: RFS: libmx4j-java
Previous by thread: Re: clojure packaging (fwd)
Next by thread: RFS: libmx4j-java
Index(es):
- Date
- Thread