Accepted maven-shared-utils 3.3.0-1+deb11u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted maven-shared-utils 3.3.0-1+deb11u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 02 Oct 2022 11:02:58 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: maven-shared-utils_3.3.0-1+deb11u1_source.changes
- Debian-source: maven-shared-utils
- Debian-suite: proposed-updates
- Debian-version: 3.3.0-1+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=Jen9LlgK+o5md780p6dYSw5b6Jkf9zFLHGr42WXcBWQ=; b=ZMY3qKMi+hNqN4mvvhx6pcqUFN ke7QrPhVVDPOk1lflYZ/WLhWIU8uocdKgfAeevBcItc8LPuWd2bWTnV1kdbDNnP+YyfEkpsOb1U2W 5fe71smi01RtXzQlvHhg7yjZn0Blcl0brP3/hSiJAvNMAP9qaarbvAYdYcBcZht08db1+t7e6yUkh qhDAW5m3DdBjZugLihF6F5ejWvttrjB49j+F9AKW4I5kQnKKC+BBgcZTzKDUTXGfc7dFjxoJsvgBB GN2JxQTyyKMZyP4WWWn48n/TNBHIfa5B2Wr8UEqbK5Vv994ZM67HOZW410504nv9kF/KLcZ8OiUOm Q6aI3Pig==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1oewkM-00Eiox-TA@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 23 Sep 2022 14:28:15 +0800
Source: maven-shared-utils
Architecture: source
Version: 3.3.0-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Aron Xu <aron@debian.org>
Closes: 1012314
Changes:
maven-shared-utils (3.3.0-1+deb11u1) bullseye-security; urgency=high
.
* Non-maintainer upload by the Security Team.
.
[Markus Koschany ]
* Fix CVE-2022-29599: Apache Maven maven-shared-utils, the Commandline class
can emit double-quoted strings without proper escaping, allowing shell
injection attacks. (Closes: #1012314)
Checksums-Sha1:
bc503bf12b85f41fbe43e2dc4cde47c0f360f758 2039 maven-shared-utils_3.3.0-1+deb11u1.dsc
56d7890696c253da39ef7dc878098965ccd487c0 119656 maven-shared-utils_3.3.0.orig.tar.xz
239fc1e123f0b61cfcc8a0371b53638d7da21e52 6412 maven-shared-utils_3.3.0-1+deb11u1.debian.tar.xz
3e0ab7a5df351b63f9f45e30b513553f2d60b461 8665 maven-shared-utils_3.3.0-1+deb11u1_source.buildinfo
Checksums-Sha256:
40a16a9a6aaff71977c73a56cb588a84c63456b11924c2d485a01efb6c9cbc74 2039 maven-shared-utils_3.3.0-1+deb11u1.dsc
11b00155d894a7e5f2bd4a0f81ca2b34236496019fdf9492aa458355fd16d674 119656 maven-shared-utils_3.3.0.orig.tar.xz
728d9433cc61a2980ff13f01f81234c404102d187eee4015e7acad26770a6f0c 6412 maven-shared-utils_3.3.0-1+deb11u1.debian.tar.xz
7700c9860ff9c2e0b599426c1b79e9b9eb11c2f370877bab1212e11f5a44257a 8665 maven-shared-utils_3.3.0-1+deb11u1_source.buildinfo
Files:
767d924a9a8c2102bfc9e36453e14e00 2039 java optional maven-shared-utils_3.3.0-1+deb11u1.dsc
e8986bb1ea7745c6bbf4dca7a2f8443a 119656 java optional maven-shared-utils_3.3.0.orig.tar.xz
7b542205305ab4f5efed4ff38caa9062 6412 java optional maven-shared-utils_3.3.0-1+deb11u1.debian.tar.xz
ac3391d66b34c667d89b0de6d99d74f8 8665 java optional maven-shared-utils_3.3.0-1+deb11u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmMxEhgACgkQO1LKKgqv
2VRPlAf/aLkX2JtGG5ccPHzO2SLc9KrAtYAh36q3ea3DKYn7X575Vsxx0lN4/qLT
+m1x/WKk00wvbUEL/YhR8StuTedZl93uJz0GnrtHFNupyB4YjXROpkb0eZIJa7B1
/UtViR875AJxTn3y2CGvbaaUWjQfnkSu00mIc34z74aExMnDuwIDUWwM3ag5YhMt
ITIJdNJoM70Lz/ohUdIjfqaAzVhEpWrfsfs9oLNQ6Xz58svKlyaJl5bc3+V9WfNi
UOczmO1Fxnak9F5q3ZY1PkMjUWt/me1hk/T9jkPxLiBs8d1SXyzOvAhR48xHxlu4
K5bZ/P9S1AyqaPoQT1kd8BfZfa6y0Q==
=1MxI
-----END PGP SIGNATURE-----