Re: Security issue in groovy<2.5.0
- To: Emmanuel Bourg <ebourg@apache.org>
- Cc: debian-java@lists.debian.org
- Subject: Re: Security issue in groovy<2.5.0
- From: Felix Natter <fnatter@gmx.net>
- Date: Sat, 02 Sep 2017 16:35:37 +0200
- Message-id: <[🔎] 87o9qt9nie.fsf@bitburger.home.felix>
- In-reply-to: <87lgm6qktp.fsf@bitburger.home.felix> (Felix Natter's message of "Sat, 26 Aug 2017 19:51:14 +0200")
- References: <87valmm50y.fsf@bitburger.home.felix> <d6318a67-aeec-5ef8-de12-d20cccc361d1@apache.org> <87h8wuux0t.fsf@bitburger.home.felix> <0ebe9b8d-3152-5ac0-13e6-f0d173ac2415@apache.org> <87lgm6qktp.fsf@bitburger.home.felix>
hello Emmanuel,
Felix Natter <fnatter@gmx.net> writes:
>> Le 26/08/2017 à 18:14, Felix Natter a écrit :
>>
>>> The problem is that it may take weeks/months for groovy 2.5 to be
>>> released, and weeks/months until it's packaged for Debian.
>>
>> How big is the fix for Groovy? Do you know which commits should be
>> backported?
>
> It's a single (but nontrivial) commit:
> https://github.com/apache/groovy/commit/0305a38a0cc8f4190a1486c460ebc6f712ad1a07
>
> The groovy people decided not to backport to groovy 2.4.x, so I am not
> sure whether we shall do it?
Is there any update on this? What shall I do?
I don't mean to be impatient, I was just not sure whether you've seen
this.
Thanks and Best Regards,
--
Felix Natter
debian/rules!
Reply to: