Accepted velocity 1.7-5+deb9u1 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 17 Mar 2021 12:12:00 +0000
Source: velocity
Binary: velocity velocity-doc
Architecture: source all
Version: 1.7-5+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
velocity - Java-based template engine for web application
velocity-doc - Documentation for velocity
Closes: 985220
Changes:
velocity (1.7-5+deb9u1) stretch-security; urgency=high
.
* CVE-2020-13936: Prevent a potential arbitrary code execution vulnerability
that can be exploited by applications that allow untrusted users to
upload/modify Velocity templates. (Closes: #985220)
Checksums-Sha1:
b697f295d600ab24d858778cb6e9de229d527d6a 2453 velocity_1.7-5+deb9u1.dsc
442fc7608c94c1ac2dc9a888e65aab4491e1f580 732413 velocity_1.7.orig.tar.gz
9f217efd44f886e50b289a4814b0462eff7c2583 9500 velocity_1.7-5+deb9u1.debian.tar.xz
2c894d693fe2ae0e80c74669896a147d0251f9d0 376460 velocity-doc_1.7-5+deb9u1_all.deb
bb7d83d6fed35df96d3f955352247340406d7986 412962 velocity_1.7-5+deb9u1_all.deb
efea04b1386f9de747d774865c0ca91be369ac7a 15567 velocity_1.7-5+deb9u1_amd64.buildinfo
Checksums-Sha256:
7a37afd7482d3f3a881af8a227f7d7b3df11b47cf50b37dbfa15355f46a0edcf 2453 velocity_1.7-5+deb9u1.dsc
3d680327b600a84aca9e1cade288e068721d6291fcc9de57e2a1daf60183d43c 732413 velocity_1.7.orig.tar.gz
1da14dffb67d401941f185e164099759f6bd02645eb1462163d8e6e8daf4db34 9500 velocity_1.7-5+deb9u1.debian.tar.xz
57573c38e578c7e77db7d0280082edfe598c39bd8fb00d371ba03815b7c743fb 376460 velocity-doc_1.7-5+deb9u1_all.deb
88e476de05a21d00cc1096843b3b2ec12f04b6080797af11ca5e78ab654381bd 412962 velocity_1.7-5+deb9u1_all.deb
615019f9915c126a9122d1381ca01910166d5ae3da56e761b8d1be51a66ed356 15567 velocity_1.7-5+deb9u1_amd64.buildinfo
Files:
9da0371417e63f0714c6109a7dd39135 2453 java optional velocity_1.7-5+deb9u1.dsc
2fecbd18e77423a4cd623e6043f38bd4 732413 java optional velocity_1.7.orig.tar.gz
0b0110b8614984f89ad413dca5be9a7c 9500 java optional velocity_1.7-5+deb9u1.debian.tar.xz
317afbfc82f91e10f801c0134c660391 376460 doc optional velocity-doc_1.7-5+deb9u1_all.deb
24688628c3616ab3a716225acbbc5c92 412962 java optional velocity_1.7-5+deb9u1_all.deb
424410536afec728a453b2c8f2f6bd2a 15567 java optional velocity_1.7-5+deb9u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmBR9QIACgkQHpU+J9Qx
HljKYA/+Iykt7Gv3X31SFHBYqs5HT2Xh8zQ3c7ZKkhc6ml0+H/5QuzsyAxdw9zlv
WRofiako2+07eemffjf7Vatq2nOL0wxHjwPuEqmomA4Aa1i6rfIFG7pKz411k79+
0PQpd31m9nFOy1mRnwL2jlMBCqimhdoRFVfndNMTCpiz4e5LQiQ3ALYx0PAsRswJ
8WuxcSpE2ZbNined9kUxD6m/cH5LlYmcw2C9VAXmwB6HALswqv8DC1H3JHd3F9g9
uYjqSqA18cpqeFP3Ooqdxn3cQnzXqTBNa40kMHniNOGRmwgZhsZh3s55nRqqKWYs
oKK0Xag6709UbU8ASuPK2mqXyimQTmZdO6CdyWVszyWyAB/Vj93LT5SeJGp312MB
n2DQg8I4eT/A4huAhrEjxBR1Drjm7CuRZX5JffmR2e2ZNyAv62QZuDchlwpiXTTe
ziTR6+gOrAeqFRG57IJdbZT2+aMuHN2c3qm5oz3g2A4q3Hj7GPzezIGOWnXmPhZY
Z+N8jOyufC3nEJopuVeUNLElGu1L+495bRQmuL3lGDyobLAVRi8JZxuT+53tXjj4
sg90TItK03ajMqhIl5Q4FoUkZpPoBS3PaENpJ5lmsy3Xw40LIragcXjDPPnOwWvI
wz6jGfFPsDhUggkTi+QJV2/QpNJL18KftmDECJFQrV2iQ4U5Wtg=
=JUSi
-----END PGP SIGNATURE-----