Accepted libhtmlcleaner-java 2.21-5+deb10u1 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted libhtmlcleaner-java 2.21-5+deb10u1 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 07 Aug 2023 17:40:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libhtmlcleaner-java_2.21-5+deb10u1_source.changes
- Debian-source: libhtmlcleaner-java
- Debian-suite: oldoldstable
- Debian-version: 2.21-5+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=gNEsju5gIuKztXP+059IQDbA3uT1EFVxm+QufSTZklk=; b=RFGbavdHmciWziVIp+q1tDakFj IXX+WAALKmHKCInyJdhFeqXSwKi3GmTB/mFoUWhdAuzllJaRg+ZXK8v1uKaWMS6asXzPF8DeAqabp nSa8dQgAMCkWcsIH8Zpm7NLkfW/MM809yIeTFYm47NyQHT1w9LLna5AGr/VcXsgw78kZan+28x8nn av1+/egykJIQ6RRN2QUygUIomOXcdLgD9j3PMTyvDQCbJlT7vWPSzHqRELUJDXpvuAa0477QjNDj4 ZkfGrmEaGyvKoCarqF0xEMZxVTFwLPnLsVQS2wWooSXHtjTZvQPPbBzwHevQ06KrSBuOrGZghjzlw 8XSmP1Bg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qT4DM-001fP0-Fq@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 7 Aug 2023 19:26:23 CEST
Source: libhtmlcleaner-java
Architecture: source
Version: 2.21-5+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Alexandre Rossi <alexandre.rossi@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
dcc8aefb62bf2341f3114255d48a405de7903a58 2392 libhtmlcleaner-java_2.21-5+deb10u1.dsc
161ca8303e49b9161237fedd16e9e928e2b77681 260863 libhtmlcleaner-java_2.21.orig.tar.gz
c7c71f56ac4e3b5b8de998feec345eba8d50d411 9404 libhtmlcleaner-java_2.21-5+deb10u1.debian.tar.xz
6b60f1e3e9ff48061c3ea3499acc9b63e995481e 15273 libhtmlcleaner-java_2.21-5+deb10u1_amd64.buildinfo
Checksums-Sha256:
67a9b2aec4f9f34cbcf8aa1b6409d9506f1e27a32205347f20822caf3786599f 2392 libhtmlcleaner-java_2.21-5+deb10u1.dsc
231aca0f356b4e5bf36fe53422008165094eb72bd5b1836dd73b61758448b359 260863 libhtmlcleaner-java_2.21.orig.tar.gz
1c45ca67c47e6c70d50958e23f39ddb274c22a98dd488a2245515996aa4f6198 9404 libhtmlcleaner-java_2.21-5+deb10u1.debian.tar.xz
af005c66151b2537fb45d8712a8a4e2d76cec6f8fedc5026161d0aec37f52829 15273 libhtmlcleaner-java_2.21-5+deb10u1_amd64.buildinfo
Changes:
libhtmlcleaner-java (2.21-5+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2023-34624:
A security vulnerability has been discovered in libhtmlcleaner-java, a Java
HTML parser library. An attacker was able to cause a denial of service
(StackOverflowError) if the parser runs on user supplied input with deeply
nested HTML elements. This update introduces a new nesting depth limit
which can be overridden in cleaner properties.
Files:
e4b21b53f0eef38a588bcda6eefb452a 2392 java optional libhtmlcleaner-java_2.21-5+deb10u1.dsc
d1adfc9e547c1b7943773a9460b0ce38 260863 java optional libhtmlcleaner-java_2.21.orig.tar.gz
dab248c5d17973187bbb4db39973b5c9 9404 java optional libhtmlcleaner-java_2.21-5+deb10u1.debian.tar.xz
34786529662ff5a4cbb20b437cede33f 15273 java optional libhtmlcleaner-java_2.21-5+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTRKcFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkyZAQAIpg7ix/WbikoNzfifjwZSTzSTR7k6rYWGNd
62J65JSV6iMVrSlyjS7MS4mkqH5bDa9TViHvZowaoGUioyqqtJ8fDjWOXVhbh1GR
jYQsdM2KJc+qrw1+5CuYlooCsnTNnBVzNia1WVM/0QDY2zkl8z2kzVGcxseKet07
K8CP0taR6jpsTRYw0mkBONoo6SDzFu7Vg5iYMfy/FyDRCaPGwNlhrGBe3HarFMWG
qn6Bqi8kUiWN+mzGUusnk4bwXw0uoYW70IAHI+lbG7W+00R5E0C5wWYAB05r7K5m
MwN4INagWqMxuXm1YP62UtKLs2pOq90LyakVViMBKmnKVBu7QyKeYgFYXdXtlWKi
L98U3BK3rKJ8qie724DK0VfbjwcwYXx4Lcakmup3rDEvTumfVUJzX6bdSlNMLt87
IMeAxXTsCWgejmVSqWbSFQi0OMDQYL9fB5vt6B12j28s0fsdU4+xwEIpNqv82+wI
fub5l3HV7A5NzjIglhLFAUCxWT6p7oAhXOnKbrEdjDoo80sAwRGL7ZoVvsOXfZxJ
aNuKBEWT++X+oTq+0VVFM7UBxfCDs/ZD9XsYKW2Nru1CGDQKUSxCe0kKC/5DQ5JA
qHUu5CaprOtFRm1TBT8nLwQFqAvQLc3h+lTzOhHrZy5DtRs+k3+t6BCDh8bnnob9
Wkq5XTuq
=k09t
-----END PGP SIGNATURE-----