Bug#860566: fixed in batik 1.9-1

Moritz Muehlenhoff jmm at debian.org
Sun Oct 1 09:37:24 UTC 2017


On Mon, Sep 04, 2017 at 06:19:28AM +0000, Christopher Hoskin wrote:
> Changes:
>  batik (1.9-1) unstable; urgency=medium

[..]

>    * New upstream (1.9)
>        + Fix "CVE-2017-5662: information disclosure vulnerability" Upstream claim
>          BATIK-1139 is fixed in 1.9 (Closes: #860566)

Hi,
this doesn't warrant a DSA, but there's still the possibility to fix this via a
stable point update [1], so I was wondering whether anything of that sort is planned by
you.

Cheers,
        Moritz

[1] https://www.debian.org/doc/manuals/developers-reference/ch05.html#upload-stable



More information about the pkg-java-maintainers mailing list