Back to libapache-poi-java PTS page

Accepted libapache-poi-java 3.17-1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 17 Jan 2019 10:43:53 +0100
Source: libapache-poi-java
Binary: libapache-poi-java libapache-poi-java-doc
Architecture: source
Version: 3.17-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebourg@apache.org>
Description:
 libapache-poi-java - Apache POI - Java API for Microsoft Documents
 libapache-poi-java-doc - Apache POI - Java API for Microsoft Documents (Documentation)
Closes: 800958 858301 888651
Changes:
 libapache-poi-java (3.17-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream release (Closes: #800958)
     - Fixes CVE-2017-5644: XML Entity Expansion (XEE) attack with specially
       crafted OOXML file (Closes: #858301)
     - Fixes CVE-2017-12626: Infinite Loops while parsing crafted WMF, EMF, MSG
       and macros. Out of memory errors while parsing crafted DOC, PPT and XLS
       (Closes: #888651)
     - Refreshed the patches
     - New dependencies on libcurvesapi-java and libcommons-collections4-java
     - Updated the path to the Maven artifacts produced by the build
     - Added xmlbeans to the build classpath
     - Patched the xsds to resolve the external schemas in offline mode
     - Disabled the JMH benchmarks
   * Build with Java 8 temporarily
   * Standards-Version updated to 4.3.0
Checksums-Sha1:
 f3709123708d1e328d320baa668b2e065e4a96f3 2504 libapache-poi-java_3.17-1.dsc
 6b31a72cdca37494362ca9a0dc9b2095d543ff26 71723032 libapache-poi-java_3.17.orig.tar.xz
 3a3bebb374f4a459482092f1d5d115814e8aa03a 11736 libapache-poi-java_3.17-1.debian.tar.xz
 309fe75367457bc457c1165558a61071865fcf2c 14547 libapache-poi-java_3.17-1_source.buildinfo
Checksums-Sha256:
 112ae1fe5383bdaa9cf1db75b0eb65da5a319e4cf3efc5eb71732267e7bb2ba1 2504 libapache-poi-java_3.17-1.dsc
 d6491e73830b0331e66a431fd9823f682ac1a81b80412f28658d32018b6dec1e 71723032 libapache-poi-java_3.17.orig.tar.xz
 319489d9cf3b659f8d3369d53dc61c71c8e44558a064a13a9edcca473a6d677e 11736 libapache-poi-java_3.17-1.debian.tar.xz
 3dc591d35fdf0bc203a3744ca0e11bc1d0c4d44b79541005407462f94dc72296 14547 libapache-poi-java_3.17-1_source.buildinfo
Files:
 490ac72e18356a51470a5107d2a61f01 2504 java optional libapache-poi-java_3.17-1.dsc
 85b30b6906fc2943cf2817c4f718b323 71723032 java optional libapache-poi-java_3.17.orig.tar.xz
 c747cabf11998ed0a73aa6a9cfa3a1cd 11736 java optional libapache-poi-java_3.17-1.debian.tar.xz
 955554d170ef838800e4a1543c728bcf 14547 java optional libapache-poi-java_3.17-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAlxAVEMSHGVib3VyZ0Bh
cGFjaGUub3JnAAoJEPUTxBnkudCsIiIP/jlWPBZsfjuWDjuk+t1wyWi73X1iUu6N
t4nd9u4omGhCNjTVuCw825VoyHS3k7erXakyfMtxk5RpGLWn4Ifj2kEYHVfCYb4d
HMA94lu2tPpRhS5BCLN9H6BxskIPi06S1FYb5DqbT+m4ZIPDtMV5d8DG50F6xieh
ygM070ZyD3IYBblYKXkQmoBsL80c8gdCLIozJpbG3zMV69P6GQDwurAnajBs7tdY
vMP0h3nRyHn3IrlAHvrFgWy6xxlcMiv1y2G/xtREQr339rTqpIF7SZBSZ17gQIjY
srWwZygAIF8AKMjPpB0oNZZgGz0SnApgkpotgiaLVp9i7vHy2hMdtlIWoz0s9qoP
M9eQyvTMlWYh72vCiqc0guAycPBrFSKK/CdOHh38jAZYmU9hh/E6oEaQ1BHktIQp
edIw7/GSbAjkKdJKITfMt5KFd6LfFuJVUODuBFE/M1AGNCyu/PL7uFQfPmaURmRE
h/lFKUtX57Hk3EZx6OWQ3QJzt0volmoNTpY9O3kUlWI7XfWsxHpil0WxV3xV/zwv
Pl4FuTeNor14hXlwD4HbniDShwpyfUfma812b7cmAwP8qi51iUhsGV9NQNFunzo7
UkGBGKxPzb/MgqNOYvhdyBqjbP6sxFEp97mXbUkt7yM0ehLtROw9CTlz0MceWNX5
09UVHKPhvN0Y
=TMsi
-----END PGP SIGNATURE-----