Back to commons-httpclient PTS page

Accepted commons-httpclient 3.1-10.2+deb7u1 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 15 Apr 2015 21:24:48 +0200
Source: commons-httpclient
Binary: libcommons-httpclient-java libcommons-httpclient-java-doc
Architecture: source all
Version: 3.1-10.2+deb7u1
Distribution: wheezy
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@gambaru.de>
Description: 
 libcommons-httpclient-java - A Java(TM) library for creating HTTP clients
 libcommons-httpclient-java-doc - Documentation for libcommons-httpclient-java
Closes: 758086
Changes: 
 commons-httpclient (3.1-10.2+deb7u1) wheezy; urgency=high
 .
   * Team upload.
   * Add CVE-2014-3577.patch. (Closes: #758086)
     It was found that the fix for CVE-2012-6153 was incomplete: the code added
     to check that the server hostname matches the domain name in a subject's
     Common Name (CN) field in X.509 certificates was flawed. A
     man-in-the-middle attacker could use this flaw to spoof an SSL server using
     a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
     intended to address the incomplete patch for CVE-2012-5783. The issue is
     now completely resolved by applying this patch and the
     06_fix_CVE-2012-5783.patch.
   * Change java.source and java.target ant properties to 1.5, otherwise
     commons-httpclient will not compile with this patch.
Checksums-Sha1: 
 ca26cd0f2a5be0029a7b2e8d56cf85fb38c31d1e 2526 commons-httpclient_3.1-10.2+deb7u1.dsc
 0c6dfbf3d0d47cfc70595d2b15223a59f264795b 13684 commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz
 301f4d1a8f1e400f257c13cd222981d60696584c 299718 libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb
 b87b0f77aba48d6177092356e96e2b149f840283 1547514 libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb
Checksums-Sha256: 
 219a2ecdf758361cec1ea85bce645115c14bf609dc7b565cd0ab5aee610f6cb1 2526 commons-httpclient_3.1-10.2+deb7u1.dsc
 e977a7922cff20c65fb6dcfbd9bb2f11e2f079245edddc68567055dd0e444cac 13684 commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz
 7bafb3dc4b04d2c0af8ecb8010eae11b63496c57184fe1bd6b812f824eee2037 299718 libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb
 47af253e18f750a10ff226c487aceadb056a78a913a6ab3c1d66667022b620bd 1547514 libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb
Files: 
 022067c70b0363ea2c1fa31542290b64 2526 java optional commons-httpclient_3.1-10.2+deb7u1.dsc
 8a5862dc9b0b0898c61e438359eec285 13684 java optional commons-httpclient_3.1-10.2+deb7u1.debian.tar.gz
 4deb3d76811d48c359dcbe0616f76b41 299718 java optional libcommons-httpclient-java_3.1-10.2+deb7u1_all.deb
 e1708de058fde033592dc11b9468294b 1547514 doc optional libcommons-httpclient-java-doc_3.1-10.2+deb7u1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJVVPY9XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC
QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGr8sQAMVXI1PRDTmuQsdtYFzXkBlp
sg7R1HAR7VSTBpJiM71VCaY3Q8E6Kc0Rz4u0WsHX2Zbn/RjN2634h/BHa781n9sN
RS1DtUjdsIC3vWcWA6D+MyrcIsc8HjYjfU4++MwuXOf4STsiZFCRF1mn+/+umW2K
D+z+03KuNNre/WIkyESqK5lF4l3fq0AUlexWJc7yZkscQwfLwE3sc3CXf0octwbc
5hieqg1lc7rfOWjj7KgK6HAAhYbqP1gJH6wCaoQkMohWauRdVJXLVConWCYKcVdS
R5yVWpu8/8v0C5IfzOMDSToRJyO/wknDqBsHYOKJw8CJgAgOnu/qvi2E+HE/Cooy
qYhmf/jMo6s1jj+kuZvrbGfW0hWW3JDb/Ooq17iU5r+f4D7HfBp8tjq+ZjPLBUXs
x0KMww9VzLFExVY+ySRk6J4B+YwgVwVXxQrWA+BCV2+SrwvdRqh3oQDVWa8IJONW
uOdKdrBu+GAbsOBFi/M81YgtmcJWyUX75ZjSDgXD9HrX4goiaS+/ZqvIVoMvmk+f
hN1QAcYFTbfKCZwiqJZ+GHBW6D2jqtpIphOXudsQFaeQKtykybbG+P1yOHIQoy1v
kFwGMnGRTrqCqZ9ajUdS7eTUweSjKZkZKsqKyGDXm2WWRPXjxHLXP/gv9tQu2Pfq
l4QFD1nwITCaQ/Wi22/H
=K+gw
-----END PGP SIGNATURE-----