Bug#611138: CVE-2010-4438
Adam D. Barratt
adam at adam-barratt.org.uk
Wed Jan 26 21:42:24 UTC 2011
user release.debian.org at packages.debian.org
usertag 611138 + squeeze-can-defer
tag 611138 + squeeze-ignore
thanks
On Wed, 2011-01-26 at 22:34 +0100, Moritz Mühlenhoff wrote:
> On Wed, Jan 26, 2011 at 07:46:32PM +0100, Damien Raude-Morvan wrote:
> > So I don't think Debian package is affected by this issue, but we'll have to
> > wait until Oracle/Glassfish team publish some source code to confirm ths.
>
> Ok, I've updated the Security Tracker to mark it as not-affected. I wasn't
> aware that the Debian Glassfish package doesn't provide the full stack.
In that case, this sounds like a fix could be deferred until after the
release, if it's required at all; tagging as not a blocker.
Regards,
Adam
More information about the pkg-java-maintainers
mailing list