Bug#860566: batik package ready for testing
Antoine Beaupré
anarcat at orangeseeds.org
Wed Apr 26 18:49:02 UTC 2017
Hi,
As previously mentioned, I have worked on an update for the Batik
package. I have basically assumed the issue is the upstream BATIK-1139
issue, and used the patches refered to there:
https://issues.apache.org/jira/browse/BATIK-1139
That may be incorrect and because we don't have a reproducer associated
with the CVE, there's no direct way for me to test this. Since Batik
seems to be a rather complex piece of software, I haven't attempted to
reproduce the issue documented there.
I have, however, uploaded a patched version of the Debian package for
wheezy users to test, in my usual location:
https://people.debian.org/~anarcat/debian/wheezy-lts/
Thank you for your attention,
A.
--
The illusion of freedom will continue as long as it's profitable to
continue the illusion. At the point where the illusion becomes too
expensive to maintain, they will just take down the scenery, they will
pull back the curtains, they will move the tables and chairs out of
the way and you will see the brick wall at the back of the theater.
- Frank Zappa
More information about the pkg-java-maintainers
mailing list