Change log for libjettison-java package in Ubuntu
1 → 17 of 17 results | First • Previous • Next • Last |
libjettison-java (1.5.3-1ubuntu0.1) lunar-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2023-1436.patch: fixed a stack overflow in JSONArray function. - CVE-2023-1436 -- Amir Naseredini <email address hidden> Tue, 20 Jun 2023 09:25:08 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.10.2) kinetic-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2023-1436.patch: fixed a stack overflow in JSONArray function. - CVE-2023-1436 -- Amir Naseredini <email address hidden> Tue, 20 Jun 2023 09:26:17 +0100
Available diffs
libjettison-java (1.4.0-1ubuntu0.20.04.1) focal-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2022-40149.patch: fixed a denial of service in nextClean function. - debian/patches/CVE-2022-40150-[1-5].patch: fixed multiple cases of denial of service from CVE-2022-40150, CVE-2022-45685, and CVE-2022-45693. - CVE-2022-40149 - CVE-2022-40150 - CVE-2022-45685 - CVE-2022-45693 -- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:05:52 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.04.1) jammy-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2022-40149.patch: fixed a denial of service in nextClean function. - debian/patches/CVE-2022-40150-[1-4].patch: fixed multiple cases of denial of service from CVE-2022-40150, CVE-2022-45685, and CVE-2022-45693. - CVE-2022-40149 - CVE-2022-40150 - CVE-2022-45685 - CVE-2022-45693 -- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:23:25 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.10.1) kinetic-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2022-40149.patch: fixed a denial of service in nextClean function. - debian/patches/CVE-2022-40150-[1-4].patch: fixed multiple cases of denial of service from CVE-2022-40150, CVE-2022-45685, and CVE-2022-45693. - CVE-2022-40149 - CVE-2022-40150 - CVE-2022-45685 - CVE-2022-45693 -- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:25:10 +0100
Available diffs
Published in oracular-release |
Published in noble-release |
Published in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
libjettison-java (1.5.4-1) unstable; urgency=medium * Team upload. * New upstream version 1.5.4 (Closes: #1033846) - Fix CVE-2023-1436 - Infinite recursion in Jettison leads to denial of service when creating a crafted JSONArray -- tony mancill <email address hidden> Sun, 11 Jun 2023 15:38:24 -0700
Available diffs
- diff from 1.5.3-1 to 1.5.4-1 (1.5 KiB)
Superseded in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
libjettison-java (1.5.3-1) unstable; urgency=high * Team upload. * New upstream version 1.5.3. - Fix CVE-2022-40150, CVE-2022-45685, CVE-2022-45693: denial of service via stack overflow / out of memory (Closes: #1022553) * Declare compliance with Debian Policy 4.6.2. -- Markus Koschany <email address hidden> Sat, 31 Dec 2022 11:18:53 +0100
Available diffs
- diff from 1.5.1-1 to 1.5.3-1 (3.5 KiB)
libjettison-java (1.5.1-1) unstable; urgency=medium * Team upload. * New upstream version 1.5.1. * Fix CVE-2022-40149: It was discovered that libjettison-java, a collection of StAX parsers and writers for JSON, was vulnerable to a denial-of-service attack, if the attacker provided untrusted XML or JSON data. (Closes: #1022554) -- Markus Koschany <email address hidden> Thu, 10 Nov 2022 01:09:07 +0100
Available diffs
- diff from 1.4.1-1 to 1.5.1-1 (6.3 KiB)
Superseded in lunar-release |
Obsolete in kinetic-release |
Published in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
libjettison-java (1.4.1-1) unstable; urgency=medium * Team upload. * New upstream release * Standards-Version updated to 4.5.1 * Switch to debhelper level 13 * Use salsa.debian.org Vcs-* URLs -- Emmanuel Bourg <email address hidden> Mon, 18 Jan 2021 00:14:42 +0100
Available diffs
- diff from 1.4.0-1 to 1.4.1-1 (6.1 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Published in focal-release |
Obsolete in eoan-release |
Obsolete in disco-release |
Obsolete in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
libjettison-java (1.4.0-1) unstable; urgency=medium * Team upload. * New upstream release - Build with Maven instead of Ant - Fixed the compatibility with the bundle plugin in Debian * Build with the DH sequencer instead of CDBS * Moved the package to Git * Standards-Version updated to 4.1.4 * Switch to debhelper level 11 * Track and download the new releases from GitHub * Converted debian/copyright to the Copyright Format 1.0 -- Emmanuel Bourg <email address hidden> Fri, 20 Apr 2018 16:28:48 +0200
Available diffs
- diff from 1.2-3 (in Ubuntu) to 1.4.0-1 (101.6 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Obsolete in zesty-release |
Obsolete in yakkety-release |
Published in xenial-release |
Obsolete in wily-release |
Obsolete in vivid-release |
Obsolete in utopic-release |
Published in trusty-release |
Obsolete in saucy-release |
Obsolete in raring-release |
Obsolete in quantal-release |
Published in precise-release |
Obsolete in oneiric-release |
Superseded in oneiric-release |
libjettison-java (1.2-3) unstable; urgency=low * Team upload. * Install Maven artifacts (Closes: #620049). Thanks to James Page <email address hidden> : - debian/control: Add maven-repo-helper to Build-Depends. - debian/rules: Use mh_installpom and mh_installjar instead of install/dh_link. - debian/pom.xml: Downloaded POM for Maven. - debian/maven.rules: Force installed POM to use "jar" packaging. * Update Standards-Version: 3.9.1 (no changes needed). * Bump Debhelper compat level to 7 (and update B-D). * Drop Depends on a JRE since it's a library package. -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Apr 2011 13:06:01 +0000
Available diffs
- diff from 1.2-2 to 1.2-3 (2.5 KiB)
libjettison-java (1.2-2) unstable; urgency=low * Update copyright file because the json code uses the Apache license now. It is based on an older public domain implementation of the JSON.org library. (Closes: #585469)
Available diffs
- diff from 1.1-1ubuntu2 to 1.2-2 (11.2 KiB)
Superseded in maverick-release |
Obsolete in lucid-release |
Obsolete in karmic-release |
Superseded in karmic-release |
libjettison-java (1.1-1ubuntu2) karmic; urgency=low * debian/build.xml: Build java2-compatible code to match JRE dependency * debian/control: Drop java1-runtime-headless ORed dependency -- Thierry Carrez <email address hidden> Tue, 25 Aug 2009 15:08:56 +0200
Available diffs
- diff from 1.1-1ubuntu1 to 1.1-1ubuntu2 (728 bytes)
Superseded in karmic-release |
libjettison-java (1.1-1ubuntu1) karmic; urgency=low * debian/control: Runtime dependency on -headless JREs (LP: #387884) * debian/control, debian/rules: Build-depend on default-jdk -- Thierry Carrez <email address hidden> Fri, 03 Jul 2009 15:05:02 +0200
Available diffs
- diff from 1.1-1 to 1.1-1ubuntu1 (958 bytes)
libjettison-java (1.1-1) unstable; urgency=low * Updated watch file. * New upstream release * Add missing Depends: ${misc:Depends}. * Bump up Standards-Version: 3.8.1 (no changes). * Change Section: java. * Fix downloading of orig tarball. * Do no longer quote the full text of the Apache license in debian/copyright. -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 01 Jun 2009 10:43:42 +0100
Available diffs
- diff from 1.0-1 to 1.1-1 (57.8 KiB)
libjettison-java (1.0-1) unstable; urgency=low * new upstream release * Change Standards-Version: 3.7.3 (no changes). -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:14:56 +0100
libjettison-java (1.0~RC2-1) unstable; urgency=low * initial version (Closes: #453111) -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 11 Dec 2007 08:04:33 +0000
1 → 17 of 17 results | First • Previous • Next • Last |