Re: Security issue in groovy<2.5.0

To: Emmanuel Bourg <ebourg@apache.org>
Cc: debian-java@lists.debian.org
Subject: Re: Security issue in groovy<2.5.0
From: Felix Natter <fnatter@gmx.net>
Date: Sat, 02 Sep 2017 16:35:37 +0200
Message-id: <[🔎] 87o9qt9nie.fsf@bitburger.home.felix>
In-reply-to: <87lgm6qktp.fsf@bitburger.home.felix> (Felix Natter's message of "Sat, 26 Aug 2017 19:51:14 +0200")
References: <87valmm50y.fsf@bitburger.home.felix> <d6318a67-aeec-5ef8-de12-d20cccc361d1@apache.org> <87h8wuux0t.fsf@bitburger.home.felix> <0ebe9b8d-3152-5ac0-13e6-f0d173ac2415@apache.org> <87lgm6qktp.fsf@bitburger.home.felix>

hello Emmanuel, 

Felix Natter <fnatter@gmx.net> writes:
>> Le 26/08/2017 à 18:14, Felix Natter a écrit :
>>
>>> The problem is that it may take weeks/months for groovy 2.5 to be
>>> released, and weeks/months until it's packaged for Debian.
>>
>> How big is the fix for Groovy? Do you know which commits should be
>> backported?
>
> It's a single (but nontrivial) commit:
> https://github.com/apache/groovy/commit/0305a38a0cc8f4190a1486c460ebc6f712ad1a07
>
> The groovy people decided not to backport to groovy 2.4.x, so I am not
> sure whether we shall do it?

Is there any update on this? What shall I do?
I don't mean to be impatient, I was just not sure whether you've seen
this.

Thanks and Best Regards,
-- 
Felix Natter
debian/rules!

Reply to:

Follow-Ups:
- Re: Security issue in groovy<2.5.0
  - From: 殷啟聰 | Kai-Chung Yan <seamlikok@gmail.com>

Prev by Date: Re: Java9: 90 broken by -source/-target
Next by Date: Re: Security issue in groovy<2.5.0
Previous by thread: Re: Java9: 90 broken by -source/-target
Next by thread: Re: Security issue in groovy<2.5.0
Index(es):
- Date
- Thread