Accepted libhtmlcleaner-java 2.24-1+deb11u1 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted libhtmlcleaner-java 2.24-1+deb11u1 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 11 Aug 2023 15:12:30 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libhtmlcleaner-java_2.24-1+deb11u1_source.changes
- Debian-source: libhtmlcleaner-java
- Debian-suite: oldstable-proposed-updates
- Debian-version: 2.24-1+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=D9dbuN8jLV7ZhlxO1rgVS00lXw7Od6eyPfZuXsa84kc=; b=WWz7TXtC4bHLm4o4mt35z5qo9s f7OXml21hhfiZQyO6oqpczI8txFsgzUz/r4QwTf5XlFFafELjozN+hqminEWcVx/71XHCPFIyTnBj dcGaVvZGMx46PkwDmKpIK/nMqYCOiBkr4SvVvaUlY5Kbl8QyjG4BX6qSMIuGXfJcYVejoGrUW35G+ I975OhCpzijRpsNU49zvYyxIBeLs71GNgg66o41aC/BmuQNymSWSnRtryuIN/Do7oUry+WBdNQac/ rHDUtExfoLvPXevKhLJrla6ZHO5KqYbcVA3VJI/Ylj3k7kh7XxdCjqpTnKhwjS2zRMsDDZNzjHFgt UDqBvJkg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qUToU-009eSq-8d@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 7 Aug 2023 18:32:06 CEST
Source: libhtmlcleaner-java
Architecture: source
Version: 2.24-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Alexandre Rossi <alexandre.rossi@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
de255b009a74851f6d745a34bec5859781397066 2396 libhtmlcleaner-java_2.24-1+deb11u1.dsc
e9e851b724f61e1a39c04e7b04214686e3aa780e 299570 libhtmlcleaner-java_2.24.orig.tar.gz
9cbb5ab71366c0e354bb44ba18ab2ef5a79bac88 9384 libhtmlcleaner-java_2.24-1+deb11u1.debian.tar.xz
2fc0569f547e0ed614f02c11d3cbd0217f43544a 15647 libhtmlcleaner-java_2.24-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
87de4af84d45600c09a45470d6ffd36f6459eef0fe2b2548c0cff404b3c16e34 2396 libhtmlcleaner-java_2.24-1+deb11u1.dsc
c00274a65e2224a88b3eac1094a9f9377c838cd677d1280ff9948d2b839be620 299570 libhtmlcleaner-java_2.24.orig.tar.gz
826efbad004afe6856b0053e71261c5861fd1896ec6c6b66a6dcc82b8b36f7d4 9384 libhtmlcleaner-java_2.24-1+deb11u1.debian.tar.xz
283ca43936ffef9f92a3b22602fd2cc3e64ac9b9584c6f530d830d213bd9031d 15647 libhtmlcleaner-java_2.24-1+deb11u1_amd64.buildinfo
Changes:
libhtmlcleaner-java (2.24-1+deb11u1) bullseye-security; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2023-34624:
A security vulnerability has been discovered in libhtmlcleaner-java, a Java
HTML parser library. An attacker was able to cause a denial of service
(StackOverflowError) if the parser runs on user supplied input with deeply
nested HTML elements. This update introduces a new nesting depth limit
which can be overridden in cleaner properties.
Files:
4f44e57ac7c33a84540faee6efe595e1 2396 java optional libhtmlcleaner-java_2.24-1+deb11u1.dsc
6ace8f3f4dc3c654701abf8cedecba4b 299570 java optional libhtmlcleaner-java_2.24.orig.tar.gz
c5be53798e2e43fd35faa9eaeab15f25 9384 java optional libhtmlcleaner-java_2.24-1+deb11u1.debian.tar.xz
2788cb0370ce8c7310281350781fe679 15647 java optional libhtmlcleaner-java_2.24-1+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTRHLhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkm/cQAJFDwa/xXyKl3V3Exs2GfWRlUysNb4hM9Iwg
Tv8hSgiads5UVYAmNVKWK/GyLP5bW2Jht+yMTCiSGR1xSTLouwfjqrK/T278QLD+
XfXikwlcsvr1sxzDqPSDU5TPE3eYlgu+HOUZczKLFU8yTyfmYe918Mf5M/DGcBm0
T0ujZXCGZVobkBETffk6P0tWOo2Xn+Nar2fD5Wm5BhWXi220CkpatRbAp67dLr6l
wh1FxWsN/gCzg4mI/r8Uyam0bKUoAWWu0aZaJ2i/591M4FNpSy4dvE9dKMZBQaxt
AY+zeUoOIHWERVs1uXO/ZMIkldEaar+zrMBtnNskRRFTM2tIwfo6KLffrRf0Zxqe
Zaf2J2Ekks8qm0kr9/OFiacz3A01qx5BYR8qIyE8dYd6RQ7aoX/Cg16MqxQtgyVU
aMqG8RoizJiqolJF1GfyUGaPCIJn6TuLCIFwyWSZ+D6eeVLTNcJTrulBb1W6QL/f
VBV4QvEouKy65Y8GeDcEowJiOCs8dM/EEeAMqZtbC8lhBNQNUVjXEFEgR5acmjVv
pBC7TAa/fEWpFG5HeA1t7cbYCdo8y/gMZo4e9h16dzME0Kv+MMzT/17jMxWcmbw4
vm7rFqsStvCe8hVgYs/sKujXYdbh2uV0NI8bsLjS0eW3cSde1I2XWIql1bGcQNwr
YCAqfTyd
=FPj6
-----END PGP SIGNATURE-----