Bug#611130: CVE-2010-2087
Moritz Muehlenhoff
jmm at inutil.org
Wed Aug 24 16:33:39 UTC 2011
On Tue, Aug 23, 2011 at 08:12:51PM -0430, Miguel Landaeta wrote:
> On Mon, Jul 25, 2011 at 02:05:01PM +0200, Moritz Mühlenhoff wrote:
> > What's the result?
> >
>
> Upstream is totally unresponsive about this issue.
>
> I have reviewed changelog of subsequent releases and this doesn't
> seem to be fixed.
>
> I have lost almost all motivation to try to fix this, but I'll
> give another try to check again with upstream to see what they
> have to say.
This reminded me of http://pwnies.com/archive/2010/winners/:
--------------
Pwnie for Best Server-Side Bug
(..)
Credit: Meder Kydyraliev
(..)
Meder gets bonus points for having to track down developers on IRC
to get the vulnerability fixed after receiving no response from
security at struts.apache.org.
--------------
Maybe you should try IRC as well...
Cheers,
Moritz
More information about the pkg-java-maintainers
mailing list