Accepted bsh 2.0b4-12+deb6u1 (source all i386) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 29 Feb 2016 12:59:05 +0100
Source: bsh
Binary: bsh bsh-gcj bsh-doc bsh-src
Architecture: source all i386
Version: 2.0b4-12+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
bsh - Java scripting environment (BeanShell) Version 2
bsh-doc - Documentation for bsh
bsh-gcj - Java scripting environment (BeanShell) Version 2 (native code)
bsh-src - Java scripting environment (BeanShell) Version 2 (source code)
Changes:
bsh (2.0b4-12+deb6u1) squeeze-lts; urgency=high
.
* Non-maintainer upload by the Debian LTS Team.
* Fix CVE-2016-2510.
An application that includes BeanShell on the classpath may be vulnerable
if another part of the application uses Java serialization or XStream to
deserialize data from an untrusted source. A vulnerable application could
be exploited for remote code execution, including executing arbitrary shell
commands.
Checksums-Sha1:
3de393df4e6eb989e0a9a3676157ce5540dc0d45 2069 bsh_2.0b4-12+deb6u1.dsc
227b9e694a110075d023e013fc3c672b94169460 9096 bsh_2.0b4-12+deb6u1.debian.tar.gz
83eee716310250bfd20d5ef9a005c2620c8b111b 270696 bsh_2.0b4-12+deb6u1_all.deb
2dd4227df41b772c02c0f1e870e749244802cc9c 422198 bsh-doc_2.0b4-12+deb6u1_all.deb
11cf0a93c023e081f5066a2d081b78c45aada546 836072 bsh-src_2.0b4-12+deb6u1_all.deb
23abe7b31de747c5d92f577b265d5ba67292f6ef 360178 bsh-gcj_2.0b4-12+deb6u1_i386.deb
Checksums-Sha256:
799cd893a68a748fb30a774d38272a6f94554cb7a482650bb1a15adef8cb0b45 2069 bsh_2.0b4-12+deb6u1.dsc
490dfac19faf7a89496acbc1c497190b38109487f7e0b5204eb1479883c40f51 9096 bsh_2.0b4-12+deb6u1.debian.tar.gz
73b3da5565832155958fd18ca50cce842ba5b727e09cffce1ed1c9616f835430 270696 bsh_2.0b4-12+deb6u1_all.deb
1fae8ff921141c03a62d9a6d429984ea772eacb6a9f28b743a34135eece46a10 422198 bsh-doc_2.0b4-12+deb6u1_all.deb
277c0b07f17901b37500025d2eb85ef50531277840083e96ccf8a54c89993373 836072 bsh-src_2.0b4-12+deb6u1_all.deb
3650b72260d6e88e37ca36eb298327503dbd2da7747e7714f8300c73f1b7aec6 360178 bsh-gcj_2.0b4-12+deb6u1_i386.deb
Files:
c5debd2bd9310e552627619878a4b002 2069 java optional bsh_2.0b4-12+deb6u1.dsc
8c7d2c6b4bc6974150e21b6b1d2df8df 9096 java optional bsh_2.0b4-12+deb6u1.debian.tar.gz
657f4e78d136aa3f02098cef12da54d7 270696 java optional bsh_2.0b4-12+deb6u1_all.deb
46aa7ee9ebfdb083ab5f9414664c7174 422198 doc optional bsh-doc_2.0b4-12+deb6u1_all.deb
808b48a1bb416dff62dcc24c664fdc63 836072 java optional bsh-src_2.0b4-12+deb6u1_all.deb
2b1ece331b284874513d7c9577279ee9 360178 libs optional bsh-gcj_2.0b4-12+deb6u1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJW1D1SXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HknGQP/R1+81lXTaOUb4hUpZXtRpE+
BaP60OPK4g0r1244lKrBM32y8nvpwd4S44yV6pAy84hO/I/xeIMTw0zOEqBxo4oV
Yoz9ngnrMA0GHxEnM5L00cRhXUCN1VIAyAXJa/R8R29y23k62WRHN2SmOfhCH+BP
oqf8NzaKAS5DPrpJf8nAZVv1wU8tR90PcjUqfwzWt+m/WtdYhrtNmTtTYVw5JBmW
xQSaSEFgOattPxrqet42J0h1MErb1QnkL6RzRDs3Lfcjb3YtkHHWgHtBkKPREhoY
2UL/KsrsaC8V1GLr6iAZzy+irafC6yVuS2RubWKpqKyeBhLXezLzkSH1SFWlaEEi
oQoFJJIi28Qus44wHWW23/IrTDGfRAHdrNGvJqhRQU+X+43mSJ9Pc0O2yEFfBfBf
EII7KT54Myf8dK9tRQKYUQoOcLly8/bXTCFM1pp0OALUlhoV2P6Gyp1k9TwEK/qh
FZjUvoGtlzJoklqV1dBT6ckRX9aV68tfabdr5wspvq3qNYsZktvi0G50vT5Ov3n8
D7c++X5Zyd/fqXvMjKDuUgzD3n5OJ3ITMy87v0Xpi/C8LC+ibiPouD9P12T9bKqL
LSUoZvCo8QQVZmwiynbVDnahjNr2YomRzFZfoGPEJJnFtDAWuIK/N4NeDwIFeX3a
m7++FQMzVJeSTslj7KRa
=3yJe
-----END PGP SIGNATURE-----
Reply to: