c3p0 (0.9.1.2-9+deb9u1) stretch; urgency=medium * Team upload. * Fix CVE-2018-20433. A XML External Entity (XXE) vulnerability was discovered in c3p0 that may be used to resolve information outside of the intended sphere of control. (Closes: #917257) -- Markus Koschany <email address hidden> Fri, 28 Dec 2018 18:41:05 +0100