Publishing details

Changelog

bsh (2.0b4-17ubuntu1) xenial; urgency=medium

  * Merged from Debian. Remaining changes:
    - Move to Servlet API 3.1

bsh (2.0b4-17) unstable; urgency=medium

  * Team upload.
  * Update CVE-2016-2510.patch and use java.io.ObjectStreamException and
    java.io.NotSerializableException directly to ensure Jedit can be build from
    source.

bsh (2.0b4-16) unstable; urgency=high

  * Team upload.
  * Fix CVE-2016-2510.
    An application that includes BeanShell on the classpath may be vulnerable
    if another part of the application uses Java serialization or XStream to
    deserialize data from an untrusted source. A vulnerable application could
    be exploited for remote code execution, including executing arbitrary shell
    commands.
  * Declare compliance with Debian Policy 3.9.7.
  * Vcs-Browser: Use https.

 -- Marc Deslauriers <email address hidden>  Tue, 08 Mar 2016 09:58:49 -0500

Available diffs

Builds

Built packages

Package files