libthrift-java 0.9.1-2.1 source package in Debian
Changelog
libthrift-java (0.9.1-2.1) unstable; urgency=high
* Non-maintainer upload.
* Fix CVE-2018-1320:
It was discovered that it was possible to bypass SASL negotiation
isComplete validation in the org.apache.thrift.transport.TSaslTransport
class. An assert used to determine if the SASL handshake had successfully
completed could be disabled in production settings making the validation
incomplete. (Closes: #918736)
-- Markus Koschany <email address hidden> Wed, 06 Feb 2019 19:04:12 +0100
Upload details
- Uploaded by:
- Laszlo Boszormenyi
- Uploaded to:
- Sid
- Original maintainer:
- Laszlo Boszormenyi
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libthrift-java_0.9.1-2.1.dsc | 2.2 KiB | 2dc5b734bbbeb6ef40a65f0c722f6e259201d9b9fa2de3476d5cc30e5a8b3778 |
| libthrift-java_0.9.1.orig.tar.gz | 129.0 KiB | 8cb6af03b29e6b3ba5bcd06a6cf7681222c1e606fbae2e3ae617e06710cd7998 |
| libthrift-java_0.9.1-2.1.debian.tar.xz | 3.1 KiB | ec2bce943cde5acf766ca853ec9b5afc2b00ee73973aa2e047477b87e9f877b5 |
Available diffs
- diff from 0.9.1-2 to 0.9.1-2.1 (1.1 KiB)
No changes file available.
