Bug#1010670: libgoogle-gson-java: CVE-2022-25647 Deserialization of Untrusted Data via the writeReplace method
tony mancill
tmancill at debian.org
Sat May 14 22:26:31 BST 2022
On Sat, May 14, 2022 at 10:49:48PM +0200, Dominik George wrote:
> Hi,
>
> > Thank you for uploading to old-old-stable [1]. Are you interested in
> > doing the same for old-stable and stable? (If not, I plan to. I'm
> > asking only to avoid duplication of effort.)
>
> I was actually planning to ask you whether I shall handle that. So if you want, I will take that up as well.
Please do. There are plenty of bugs (and DSAs) to go around. :)
Thank you!
tony
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20220514/bafae55f/attachment.sig>
More information about the pkg-java-maintainers
mailing list