Re: [pkg-eucalyptus-maintainers] Bug#691900: gwt: CVE-2012-4563
Le Wed, Oct 31, 2012 at 07:47:07AM +0100, Moritz Muehlenhoff a écrit :
> Package: gwt
> Severity: grave
> Tags: security
> Justification: user security hole
> Please see https://developers.google.com/web-toolkit/release-notes#Release_Notes_2_4_0
> under "Security vulnerability in GWT 2.4".
> This was assigned CVE-2012-4563
Dear Thomas and Java team
In http://bugs.debian.org/684453, you have suggested to transfer the gwt
package under the debian-java umbrella. We agreed, and action was delayed by a
technical problem on the Dpkg side.
It is a bit embarassing to ping you with a grave bug, but if you would like to
take over the package, this is the good moment...
In particular I do not know if the best resolution for this bug is to upgrade
to 2.5.0 or to patch, so I am reluctant to take action by myself, worrying that
I might complicate your work on Gerrit.
Please let me know if I can help,
Tsurumi, Kanagawa, Japan