Debian Bug report logs -
#891796
CVE-2017-18197
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>:
Bug#891796; Package src:libjgraphx-java.
(Wed, 28 Feb 2018 22:15:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>.
(Wed, 28 Feb 2018 22:15:07 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: libjgraphx-java
Severity: normal
Tags: security
This was assigned CVE-2017-18197:
https://github.com/jgraph/mxgraph/issues/124
Cheers,
Moritz
Marked as found in versions libjgraphx-java/1.4.1.0-3.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 05 Mar 2018 05:48:03 GMT) (full text, mbox, link).
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 05 Mar 2018 05:48:03 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream.
Request was from bts-link-upstream@lists.alioth.debian.org
to control@bugs.debian.org.
(Thu, 08 Mar 2018 17:36:10 GMT) (full text, mbox, link).
Severity set to 'grave' from 'normal'
Request was from Moritz Muehlenhoff <jmm@debian.org>
to control@bugs.debian.org.
(Fri, 08 Feb 2019 20:21:11 GMT) (full text, mbox, link).
Reply sent
to Markus Koschany <apo@debian.org>:
You have taken responsibility.
(Tue, 19 Feb 2019 18:51:08 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Tue, 19 Feb 2019 18:51:08 GMT) (full text, mbox, link).
Message #20 received at 891796-close@bugs.debian.org (full text, mbox, reply):
Source: libjgraphx-java
Source-Version: 2.1.0.7-2
We believe that the bug you reported is fixed in the latest version of
libjgraphx-java, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 891796@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Markus Koschany <apo@debian.org> (supplier of updated libjgraphx-java package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 19 Feb 2019 19:21:46 +0100
Source: libjgraphx-java
Architecture: source
Version: 2.1.0.7-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 891796
Changes:
libjgraphx-java (2.1.0.7-2) unstable; urgency=medium
.
* Team upload.
.
[ tony mancill ]
* Moved the package to Git
.
[ Markus Koschany ]
* Fix CVE-2017-18197. (Closes: #891796)
Checksums-Sha1:
ceb3ced558ca308eb7a2ce209b012cca1a175028 2271 libjgraphx-java_2.1.0.7-2.dsc
4e404bad5ca0d15694a293078a0b98b94921e942 4080 libjgraphx-java_2.1.0.7-2.debian.tar.xz
30e49ee043f69bf8692b1c513c0c1c168ead43ab 11388 libjgraphx-java_2.1.0.7-2_amd64.buildinfo
Checksums-Sha256:
e9f2bb682186b3d95cfcc36e2898187d619340224394d7d8a34d6a812b1b4ae1 2271 libjgraphx-java_2.1.0.7-2.dsc
5a21dfa90c04b94c860ffaeead4bb17b4e1265cd0a711cc1172a199cb3af3fd6 4080 libjgraphx-java_2.1.0.7-2.debian.tar.xz
9a2a769abdc09131ca38e9a6c95b2cccc33ce3bf87958c62c2950ff5cd336c38 11388 libjgraphx-java_2.1.0.7-2_amd64.buildinfo
Files:
e9835e31fc9159461b4f4dadff06175b 2271 java optional libjgraphx-java_2.1.0.7-2.dsc
42d1ff167b1a9ff994e99afb63d063ef 4080 java optional libjgraphx-java_2.1.0.7-2.debian.tar.xz
fe1cb7117384fb2d5b13c327cb6d279e 11388 java optional libjgraphx-java_2.1.0.7-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlxsSy9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkj/UP/Au5cO4BZqQlZvuiZPxRVkh4QfClmoBy9Op3
PwWwKLLZPwWkevxkEOsCGLyna25KGZfpMJWeobyflQao9pAesxFukfCwC8t0WjZp
Gpr0fovHdqOTt4QW+VgO1TvC1LV5m1Jc3QlnuRrjgpzanN7OTWljlCdHirUu9pri
tu0aDfD1OsIyazAlDBFkGadzcvboVI6fNs+ssJEQ3uBFmHm99gu8R5qJMfWBElIw
rMKfdyD2zSPl+jL+f5wFV+qPo/9jaW/9aJvzNdxuypfXWE/CvA88jT7gD8OVx/rF
PDZvsJBUqnTgoJMV5PBvODE5fxGFbIkcCs3tRN+aLG3hL8Cwz5qNKL9mCXWl2yZ6
4S30BVJBDGn196kp8eInlXBv4/ofjOOss93QfmysDGR2yvvEISQwCCjvD+uC8P5v
EhlBif0IwAerDKaIshefJwPkF/5EAa+1UdHU7WPytoxd5TyNwVJyjcrcAVwz5a9w
0x8ZWQjiDbiVQt3oCEUAGH24+SfWls7K1GxW82AmVFVdeCuI+296UKB2dMGHBIe1
fqA4Dbk3v5nid8MOUJsXIvuBLicZWsjKyMU0MbN2JmNkrop54XnVm/Yy+L18ejl3
M49hUUQKYKu9oQ58qiiwOu8QHvVkXWW6PWQtoyRApEmOhmu3qEkmDSFssfpyPwgx
58/hba0N
=tPEI
-----END PGP SIGNATURE-----
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:49:14 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon