Accepted checkstyle 6.15-1+deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Mar 2020 13:18:16 +0100
Source: checkstyle
Binary: checkstyle checkstyle-doc
Architecture: source
Version: 6.15-1+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
checkstyle - checks Java source against a coding standard
checkstyle-doc - Documentation for Checkstyle
Closes: 924598
Changes:
checkstyle (6.15-1+deb9u1) stretch; urgency=medium
.
* Team upload.
* Fix CVE-2019-9658 and CVE-2019-10782:
Security researchers from Snyk discovered that the fix for CVE-2019-9658
was incomplete. Checkstyle, a development tool to help programmers write
Java code that adheres to a coding standard, was still vulnerable to XML
External Entity (XXE) injection. (Closes: #924598)
Checksums-Sha1:
7b8e1b4e300a722a85f937af6a6c759990a817d9 2678 checkstyle_6.15-1+deb9u1.dsc
f8d27113af7261e62e8a1cb0c63b3130991c84ad 8996 checkstyle_6.15-1+deb9u1.debian.tar.xz
c337c1f4b70ff36a0646a54a8f600d8acd9fa1d9 16397 checkstyle_6.15-1+deb9u1_amd64.buildinfo
Checksums-Sha256:
790ee3050342ad6623d3ec4de9c928c7bde91148319edfce5ca4836da4bf2f61 2678 checkstyle_6.15-1+deb9u1.dsc
9128162d49733ccde93b31df229e4ab587c838676860464047efa53b9e1d9835 8996 checkstyle_6.15-1+deb9u1.debian.tar.xz
b1352ef0feedd3df227055a297b4715e30768edc04cb5d3a41adae0864d5eb2e 16397 checkstyle_6.15-1+deb9u1_amd64.buildinfo
Files:
d0354109cbcb5842f226694dde9da029 2678 java optional checkstyle_6.15-1+deb9u1.dsc
59af6dfbaf9cdb26f0afa77107c4c05c 8996 java optional checkstyle_6.15-1+deb9u1.debian.tar.xz
259b651d58cb1884cfb806a22a514ef7 16397 java optional checkstyle_6.15-1+deb9u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl56IZFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk6f8QALAJokCH9awNBGRuCR7ol8aJDDI9LfjmUwiH
XCjPH4r29VPJbdMr9KRF/zNUfy7jm8Vtd4W+hXRolhQYirdsYtLZJXTWAeNR4+kc
WtBgxqr9RNP8C2Z8IBzFVZAbPWv1Rju/uLOqFXz0Im472RlHrkXGKsz3KQnErMPN
PQYbScumECHoUGMWrTr9uyMGfHXtbrswLeWcYcqH5TObLURTDzqsveeJmyLkJSq4
z+RiCZN4Cb2ICK4unD+g56+JmttG72R2JSDMijPamDmTKUgcV0vtqZpnfn6CdOFs
CerRaMSK5L5K0a9VqDSOG3GA96iadeiXfByF4NpE9ZHNdqlFuLANnypLZXj23fad
2fAlfo5T/QEYpGJdev9hSz6JxxI8DpSUS1oaZZFJJNO1lXmt7rByxaPIqg30TTAW
O4yDGwoDyg7JDxPBuYuUGSQu8kjG5+6spvLf8ybG0EAXNh3JQaVB/kz5MTbM+s0X
wbyAYsC+AyWfI2hiULGI4Ar9h9NnZaa++DpV0e4GNw0FTO9cBOa+ZiX/NACeD+Wb
1X9WRKC4B4LMOP2cFRrm5izT7P833+d0xEp5yvzhKKvB6HMSRcYYZjTvEDMTSlrd
zEG3vV7rgQAMzaN4Rsux9XVWBdNqFTqOrBHC6nYaWTnnbmJOD3wtjdrn1qHe4oEH
DDsRi0HA
=Rntq
-----END PGP SIGNATURE-----