Bug#341745: marked as done (Add warning about execution of possible
arbitrary java methods)
Debian Bug Tracking System
owner at bugs.debian.org
Sun Jan 22 16:33:57 UTC 2006
Your message dated Sun, 22 Jan 2006 08:19:23 -0800
with message-id <E1F0hw3-00004z-Gb at spohr.debian.org>
and subject line Bug#341745: fixed in libsaxon-java 1:6.5.5-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 2 Dec 2005 17:10:09 +0000
>From sf at sfritsch.de Fri Dec 02 09:10:09 2005
Return-path: <sf at sfritsch.de>
Received: from tuco.sfritsch.de ([217.160.135.178])
by spohr.debian.org with esmtp (Exim 4.50)
id 1EiEQC-0005qd-Tg
for submit at bugs.debian.org; Fri, 02 Dec 2005 09:10:09 -0800
Received: from ppp-82-135-84-128.mnet-online.de ([82.135.84.128])
by tuco.sfritsch.de with esmtpsa (TLS-1.0:RSA_ARCFOUR_MD5:16)
(Exim 4.50)
id 1EiEQB-0007ey-Vv
for submit at bugs.debian.org; Fri, 02 Dec 2005 18:10:08 +0100
From: Stefan Fritsch <sf at sfritsch.de>
To: submit at bugs.debian.org
Subject: Add warning about execution of possible arbitrary java methods
Date: Fri, 2 Dec 2005 18:10:12 +0100
User-Agent: KMail/1.8.2
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200512021810.12563.sf at sfritsch.de>
Delivered-To: submit at bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-7.5 required=4.0 tests=BAYES_00,HAS_PACKAGE,
RCVD_IN_SORBS autolearn=no version=2.60-bugs.debian.org_2005_01_02
package: libsaxon-java
severity: whishlist
By default, saxon allows arbitrary java methods to be executed from an
XSLT. Please add a warning that this has to be switched off if
untrusted XSLTs are used.
---------------------------------------
Received: (at 341745-close) by bugs.debian.org; 22 Jan 2006 16:20:26 +0000
>From joerg at spohr.debian.org Sun Jan 22 08:20:26 2006
Return-path: <joerg at spohr.debian.org>
Received: from joerg by spohr.debian.org with local (Exim 4.50)
id 1F0hw3-00004z-Gb; Sun, 22 Jan 2006 08:19:23 -0800
From: Wolfgang Baer <WBaer at gmx.de>
To: 341745-close at bugs.debian.org
X-Katie: lisa $Revision: 1.31 $
Subject: Bug#341745: fixed in libsaxon-java 1:6.5.5-1
Message-Id: <E1F0hw3-00004z-Gb at spohr.debian.org>
Sender: Joerg Jaspert <joerg at spohr.debian.org>
Date: Sun, 22 Jan 2006 08:19:23 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: libsaxon-java
Source-Version: 1:6.5.5-1
We believe that the bug you reported is fixed in the latest version of
libsaxon-java, which is due to be installed in the Debian FTP archive:
libsaxon-java-doc_6.5.5-1_all.deb
to pool/main/libs/libsaxon-java/libsaxon-java-doc_6.5.5-1_all.deb
libsaxon-java_6.5.5-1.diff.gz
to pool/main/libs/libsaxon-java/libsaxon-java_6.5.5-1.diff.gz
libsaxon-java_6.5.5-1.dsc
to pool/main/libs/libsaxon-java/libsaxon-java_6.5.5-1.dsc
libsaxon-java_6.5.5-1_all.deb
to pool/main/libs/libsaxon-java/libsaxon-java_6.5.5-1_all.deb
libsaxon-java_6.5.5.orig.tar.gz
to pool/main/libs/libsaxon-java/libsaxon-java_6.5.5.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 341745 at bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Wolfgang Baer <WBaer at gmx.de> (supplier of updated libsaxon-java package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster at debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 5 Jan 2006 11:25:01 +0100
Source: libsaxon-java
Binary: libsaxon-java-doc libsaxon-java
Architecture: source all
Version: 1:6.5.5-1
Distribution: unstable
Urgency: low
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Wolfgang Baer <WBaer at gmx.de>
Description:
libsaxon-java - The Saxon XSLT Processor
libsaxon-java-doc - The Saxon XSLT Processor's documentation and javadoc
Closes: 341745
Changes:
libsaxon-java (1:6.5.5-1) unstable; urgency=low
.
* New upstream release
* Added note about the commandline switch to disable execution of
java extension in XSLTs to README.Debian (closes: #341745)
* Remove libgnujaxp-java dependencies - not needed anymore
* Add the documentation package to suggests
* Move -doc package to main - was forgotten during the move of the library
* Formatted description and shortened the description of the doc package
* Moved part about repackaging from README.Debian
into a new README.Debian-source file.
Files:
bcd8a1effd84edb34c0fa30349faea99 763 libs optional libsaxon-java_6.5.5-1.dsc
3b3f0778dd6107b9107713dbf00466d6 1669293 libs optional libsaxon-java_6.5.5.orig.tar.gz
652b5f247d75fecbcd55a7799a52b381 6573 libs optional libsaxon-java_6.5.5-1.diff.gz
664628ada22413ed58859912ac235013 562884 libs optional libsaxon-java_6.5.5-1_all.deb
25e23c439a3ec7a5c03d38ca0384a634 1102362 doc optional libsaxon-java-doc_6.5.5-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDy71MWSOgCCdjSDsRAsKRAJ9Qk0NASTx8GgxOLPs+L3MnonhxigCfR6t2
SInC0oYsJhrFivjW6l/pPkM=
=b6nT
-----END PGP SIGNATURE-----
More information about the pkg-java-maintainers
mailing list