Re: libspring-2.5-java and requesting membership for secure-testing
Hi,
On Mon, 30 Mar 2015, Markus Koschany wrote:
> I have recently started to investigate whether I could fix some open LTS
> issues and discovered the entry for libspring-2.5-java. According to
>
> https://security-tracker.debian.org/tracker/source-package/libspring-2.5-java
>
> there is no open security issue left. Is this an oversight? Otherwise I
> might take a closer look and work on a fix.
No it's correct, the last CVE issue was mis-assigned to that package. That
said there are other java packages in need of some love.
For example commons-httpclient has been waiting for months:
https://security-tracker.debian.org/tracker/source-package/commons-httpclient
> In addition I would be happy
> if someone added me to the security-testing project on alioth, so that I
> can claim open issues in the SVN repository myself. My alioth name is
> apo-guest. I have been mainly active in the Debian Games and Java teams
> for the past 2,5 years but are interested in other areas of Debian as
> well and might be able to help fixing outstanding security issues from
> time to time.
I don't have the rights to add you but someone else will do it soonish I
guess.
Thanks for your help!
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Reply to: