libthrift-java 0.9.1-2.1 source package in Debian
Changelog
libthrift-java (0.9.1-2.1) unstable; urgency=high * Non-maintainer upload. * Fix CVE-2018-1320: It was discovered that it was possible to bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. (Closes: #918736) -- Markus Koschany <email address hidden> Wed, 06 Feb 2019 19:04:12 +0100
Upload details
- Uploaded by:
- Laszlo Boszormenyi
- Uploaded to:
- Sid
- Original maintainer:
- Laszlo Boszormenyi
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libthrift-java_0.9.1-2.1.dsc | 2.2 KiB | 2dc5b734bbbeb6ef40a65f0c722f6e259201d9b9fa2de3476d5cc30e5a8b3778 |
libthrift-java_0.9.1.orig.tar.gz | 129.0 KiB | 8cb6af03b29e6b3ba5bcd06a6cf7681222c1e606fbae2e3ae617e06710cd7998 |
libthrift-java_0.9.1-2.1.debian.tar.xz | 3.1 KiB | ec2bce943cde5acf766ca853ec9b5afc2b00ee73973aa2e047477b87e9f877b5 |
Available diffs
- diff from 0.9.1-2 to 0.9.1-2.1 (1.1 KiB)
No changes file available.