Change log for libjettison-java package in Ubuntu
| 1 → 17 of 17 results | First • Previous • Next • Last |
libjettison-java (1.5.3-1ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2023-1436.patch: fixed a stack overflow in JSONArray
function.
- CVE-2023-1436
-- Amir Naseredini <email address hidden> Tue, 20 Jun 2023 09:25:08 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.10.2) kinetic-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2023-1436.patch: fixed a stack overflow in JSONArray
function.
- CVE-2023-1436
-- Amir Naseredini <email address hidden> Tue, 20 Jun 2023 09:26:17 +0100
Available diffs
libjettison-java (1.4.0-1ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-40149.patch: fixed a denial of service in
nextClean function.
- debian/patches/CVE-2022-40150-[1-5].patch: fixed multiple cases of
denial of service from CVE-2022-40150, CVE-2022-45685, and
CVE-2022-45693.
- CVE-2022-40149
- CVE-2022-40150
- CVE-2022-45685
- CVE-2022-45693
-- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:05:52 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-40149.patch: fixed a denial of service in
nextClean function.
- debian/patches/CVE-2022-40150-[1-4].patch: fixed multiple cases of
denial of service from CVE-2022-40150, CVE-2022-45685, and
CVE-2022-45693.
- CVE-2022-40149
- CVE-2022-40150
- CVE-2022-45685
- CVE-2022-45693
-- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:23:25 +0100
Available diffs
libjettison-java (1.4.1-1ubuntu0.22.10.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2022-40149.patch: fixed a denial of service in
nextClean function.
- debian/patches/CVE-2022-40150-[1-4].patch: fixed multiple cases of
denial of service from CVE-2022-40150, CVE-2022-45685, and
CVE-2022-45693.
- CVE-2022-40149
- CVE-2022-40150
- CVE-2022-45685
- CVE-2022-45693
-- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:25:10 +0100
Available diffs
| Published in oracular-release |
| Published in noble-release |
| Published in mantic-release |
| Deleted in mantic-proposed (Reason: Moved to mantic) |
libjettison-java (1.5.4-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.5.4 (Closes: #1033846)
- Fix CVE-2023-1436 - Infinite recursion in Jettison leads
to denial of service when creating a crafted JSONArray
-- tony mancill <email address hidden> Sun, 11 Jun 2023 15:38:24 -0700
Available diffs
- diff from 1.5.3-1 to 1.5.4-1 (1.5 KiB)
| Superseded in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
libjettison-java (1.5.3-1) unstable; urgency=high
* Team upload.
* New upstream version 1.5.3.
- Fix CVE-2022-40150, CVE-2022-45685, CVE-2022-45693:
denial of service via stack overflow / out of memory
(Closes: #1022553)
* Declare compliance with Debian Policy 4.6.2.
-- Markus Koschany <email address hidden> Sat, 31 Dec 2022 11:18:53 +0100
Available diffs
- diff from 1.5.1-1 to 1.5.3-1 (3.5 KiB)
libjettison-java (1.5.1-1) unstable; urgency=medium
* Team upload.
* New upstream version 1.5.1.
* Fix CVE-2022-40149:
It was discovered that libjettison-java, a collection of StAX parsers and
writers for JSON, was vulnerable to a denial-of-service attack, if the
attacker provided untrusted XML or JSON data. (Closes: #1022554)
-- Markus Koschany <email address hidden> Thu, 10 Nov 2022 01:09:07 +0100
Available diffs
- diff from 1.4.1-1 to 1.5.1-1 (6.3 KiB)
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Published in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
libjettison-java (1.4.1-1) unstable; urgency=medium * Team upload. * New upstream release * Standards-Version updated to 4.5.1 * Switch to debhelper level 13 * Use salsa.debian.org Vcs-* URLs -- Emmanuel Bourg <email address hidden> Mon, 18 Jan 2021 00:14:42 +0100
Available diffs
- diff from 1.4.0-1 to 1.4.1-1 (6.1 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Published in focal-release |
| Obsolete in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
libjettison-java (1.4.0-1) unstable; urgency=medium
* Team upload.
* New upstream release
- Build with Maven instead of Ant
- Fixed the compatibility with the bundle plugin in Debian
* Build with the DH sequencer instead of CDBS
* Moved the package to Git
* Standards-Version updated to 4.1.4
* Switch to debhelper level 11
* Track and download the new releases from GitHub
* Converted debian/copyright to the Copyright Format 1.0
-- Emmanuel Bourg <email address hidden> Fri, 20 Apr 2018 16:28:48 +0200
Available diffs
- diff from 1.2-3 (in Ubuntu) to 1.4.0-1 (101.6 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Obsolete in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Obsolete in wily-release |
| Obsolete in vivid-release |
| Obsolete in utopic-release |
| Published in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Obsolete in quantal-release |
| Published in precise-release |
| Obsolete in oneiric-release |
| Superseded in oneiric-release |
libjettison-java (1.2-3) unstable; urgency=low
* Team upload.
* Install Maven artifacts (Closes: #620049).
Thanks to James Page <email address hidden> :
- debian/control: Add maven-repo-helper to Build-Depends.
- debian/rules: Use mh_installpom and mh_installjar instead of
install/dh_link.
- debian/pom.xml: Downloaded POM for Maven.
- debian/maven.rules: Force installed POM to use "jar" packaging.
* Update Standards-Version: 3.9.1 (no changes needed).
* Bump Debhelper compat level to 7 (and update B-D).
* Drop Depends on a JRE since it's a library package.
-- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Apr 2011 13:06:01 +0000
Available diffs
- diff from 1.2-2 to 1.2-3 (2.5 KiB)
libjettison-java (1.2-2) unstable; urgency=low
* Update copyright file because the json code uses the Apache license now. It
is based on an older public domain implementation of the JSON.org library.
(Closes: #585469)
Available diffs
- diff from 1.1-1ubuntu2 to 1.2-2 (11.2 KiB)
| Superseded in maverick-release |
| Obsolete in lucid-release |
| Obsolete in karmic-release |
| Superseded in karmic-release |
libjettison-java (1.1-1ubuntu2) karmic; urgency=low * debian/build.xml: Build java2-compatible code to match JRE dependency * debian/control: Drop java1-runtime-headless ORed dependency -- Thierry Carrez <email address hidden> Tue, 25 Aug 2009 15:08:56 +0200
Available diffs
- diff from 1.1-1ubuntu1 to 1.1-1ubuntu2 (728 bytes)
| Superseded in karmic-release |
libjettison-java (1.1-1ubuntu1) karmic; urgency=low * debian/control: Runtime dependency on -headless JREs (LP: #387884) * debian/control, debian/rules: Build-depend on default-jdk -- Thierry Carrez <email address hidden> Fri, 03 Jul 2009 15:05:02 +0200
Available diffs
- diff from 1.1-1 to 1.1-1ubuntu1 (958 bytes)
libjettison-java (1.1-1) unstable; urgency=low
* Updated watch file.
* New upstream release
* Add missing Depends: ${misc:Depends}.
* Bump up Standards-Version: 3.8.1 (no changes).
* Change Section: java.
* Fix downloading of orig tarball.
* Do no longer quote the full text of the Apache license in debian/copyright.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 01 Jun 2009 10:43:42 +0100
Available diffs
- diff from 1.0-1 to 1.1-1 (57.8 KiB)
libjettison-java (1.0-1) unstable; urgency=low * new upstream release * Change Standards-Version: 3.7.3 (no changes). -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:14:56 +0100
libjettison-java (1.0~RC2-1) unstable; urgency=low * initial version (Closes: #453111) -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 11 Dec 2007 08:04:33 +0000
| 1 → 17 of 17 results | First • Previous • Next • Last |
