Forum: >>> Magnum BBS <<<

Accepted libpgjava 42.2.15-1+deb11u1 (source) into proposed-updates->st

From Debian FTP Masters@21:1/5 to All on Sat Aug 6 23:10:01 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 27 Jul 2022 23:09:55 CEST
Source: libpgjava
Architecture: source
Version: 42.2.15-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
85ae95d20d3aac351a085ac3f5855eb9a34cccf4 2746 libpgjava_42.2.15-1+deb11u1.dsc
36a1f7411b1700ad6fc9c4a592ea1763e0487cb0 903018 libpgjava_42.2.15.orig.tar.gz
aa8f4aa31a801678b2e0d424ba40219e06a4f15c 15536 libpgjava_42.2.15-1+deb11u1.debian.tar.xz
e61a9df7894045ea80ae625646cccd22d6788cdd 14524 libpgjava_42.2.15-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
953033b870e91ca745830146b3e300bff162cc35de11dd4bbb4c15dcb2adc75a 2746 libpgjava_42.2.15-1+deb11u1.dsc
fd34f1d133bf9df29fa853bea44029ba22b00a478984d7233fb6218b66d47a8f 903018 libpgjava_42.2.15.orig.tar.gz
610d614f43632bac68ce5ca0762c9a3c74f45ad4d450e99a3c81bad443f4d488 15536 libpgjava_42.2.15-1+deb11u1.debian.tar.xz
30aa78fe08408736b1208fa6c66d2fa2a61277a9773415b013c92c78a8c19955 14524 libpgjava_42.2.15-1+deb11u1_amd64.buildinfo
Changes:
libpgjava (42.2.15-1+deb11u1) bullseye-security; urgency=high
.
* Team upload.
* Fix CVE-2022-26520:
An attacker (who controls the jdbc URL or properties) can call
java.util.logging.FileHandler to write to arbitrary files through the
loggerFile and loggerLevel connection properties.
* Fix CVE-2022-21724:
The JDBC driver did not verify if certain classes implemented the expected
interface before instantiating the class. This can lead to code execution
loaded via arbitrary classes.
Files:
6217c286a442eb00b3b008af6f4c4f0c 2746 java optional libpgjava_42.2.15-1+deb11u1.dsc
27ec7ca1fe1059eb9cc5014de76176f3 903018 java optional libpgjava_42.2.15.orig.tar.gz
c1e9e7b121be7214ebb80176c0c27952 15536 java optional libpgjava_42.2.15-1+deb11u1.debian.tar.xz
ddae6da2b4256e4d50461c4d0addeb63 14524 java optional libpgjava_42.2.15-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLhxqJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkBtoQAMalk8QW+yyrE9nT7R2w+c8LZUMVQcvq60YO 0gCpDPeWOW1zrkbTr6+Tx/Ag5dOGjXlypmbzKX1k8GHARtbkx9n9kpN0nbbjW3iT Y8ag7BtR1MSF/0+9kfpWpxCQeNYZVkYazq8+7do2EfSqZO3t+VGnVchemxxfgO++ XNfOb/nK+1ozoV0hVm06GwHyqo/Hs7buVQ/QwFzyVBZS8nUOAyrAM/BjHAnJwQw4 zElJoZOikY1SP5nw98aqQxcRs7II2lxObfbo9DyS3QLNKVaNv+d6TTS6/pwQQG0T FTP/uKQTR9vFxUGIcsjQTLJYmpNwhi/n0SlNkc2bP4WUvaiEMwuXJd3bYvJ7Kg1U TaajCh1dshB35HkWYVlhiTuVRGNFtchKnfY6+QVP5h8BrAWXzLJ+zRZDh184407E LSfDVW7nlCpOSjQBUkyHpzrkZ3476i+/SaR0WYBfPNVqjdQxKOQh1XisECVOPrSe FEZBkI2Ee7FBxGuZUHXbXlwJ3uUuea3JsumCAA4dbo9y4RAj/DpD9OxXcDrzwd0X n47gIxlVZ84CuFiKP2PrOFTPK1nxX6HgQYTromoqZUdLnEFRDnnOkhTBSGhsSl5T h/FjFfg+LRGqiv/nMCm5k1FIrjLApXvD33hpHjrT3/6r5lY9o7dB14+5Q3VPNzu4
AKpuuPIX
=efyW
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Michal Wronka
  Wed Apr 24 14:13:57 2024
  from Wroclaw, Poland via SSH
- Michal Wronka
  Wed Apr 24 14:02:51 2024
  from Wroclaw, Poland via SSH
- Guest
  Wed Apr 24 01:40:10 2024
  from A via Telnet
- Bob Worm
  Thu Apr 25 11:52:12 2024
  from Wales, Uk via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	296
Nodes:	16 (3 / 13)
Uptime:	49:44:07
Calls:	6,649
Calls today:	1
Files:	12,200
Messages:	5,330,189

Accepted libpgjava 42.2.15-1+deb11u1 (source) into proposed-updates->st

Who's Online

Recent Visitors

System Info