Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.maint.java > #8900
| Path | csiph.com!news.mixmin.net!aioe.org!bofh.it!news.nic.it!robomod |
|---|---|
| From | Markus Koschany <apo@debian.org> |
| Newsgroups | linux.debian.maint.java |
| Subject | Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) |
| Date | Fri, 26 Feb 2016 15:00:02 +0100 |
| Message-ID | <r6r62-44C-7@gated-at.bofh.it> (permalink) |
| References | <r3Scq-4Z3-7@gated-at.bofh.it> |
| X-Mailbox-Line | From debian-java-request@lists.debian.org Fri Feb 26 13:51:58 2016 |
| Old-Return-Path | <apo@debian.org> |
| X-Amavis-Spam-Status | No, score=-11.98 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, MURPHY_DRUGS_REL8=0.02, PGPSIGNATURE=-5, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no |
| X-Policyd-Weight | using cached result; rate: -5 |
| X-Enigmail-Draft-Status | N1110 |
| User-Agent | Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.6.0 |
| MIME-Version | 1.0 |
| Content-Type | multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="5Q40aJNJbbNClEEV3la64wfat9H9NFoGm" |
| X-Sa-Exim-Scanned | No (on richard.fcube.de); SAEximRunCond expanded to false |
| X-Mailing-List | <debian-java@lists.debian.org> archive/latest/19225 |
| List-ID | <debian-java.lists.debian.org> |
| List-URL | <https://lists.debian.org/debian-java/> |
| List-Archive | https://lists.debian.org/msgid-search/56D05866.80102@debian.org |
| Approved | robomod@news.nic.it |
| Lines | 101 |
| Organization | linux.* mail to news gateway |
| Sender | robomod@news.nic.it |
| X-Original-Cc | team@security.debian.org, debian-java@lists.debian.org |
| X-Original-Date | Fri, 26 Feb 2016 14:51:34 +0100 |
| X-Original-Message-ID | <56D05866.80102@debian.org> |
| X-Original-References | <CAMBJEmU3hFuN4k7wrnhAgLtQxnCDH0joQO0A_9m=KXeJzA5xkQ@mail.gmail.com> |
| Xref | csiph.com linux.debian.maint.java:8900 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
Am 19.02.2016 um 13:10 schrieb Stian Soiland-Reyes: > Hi, > > BeanShell aka bsh has released a security fix 2.0b6: > > https://github.com/beanshell/beanshell/releases/tag/2.0b6 > > It has been reported to MITRE as CVE-2016-2510. Hi Stian, I intend to backport your changes to fix CVE-2016-2510. Looking at the relevant commits, I could condense the changes to create the attached patch. Could you take a look at it and confirm that this is sufficient? Regards, Markus
Back to linux.debian.maint.java | Previous | Next — Previous in thread | Next in thread | Find similar
bsh (BeanShell) security vulnerability (CVE-2016-2510) Stian Soiland-Reyes <stain@apache.org> - 2016-02-19 13:20 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Emmanuel Bourg <ebourg@apache.org> - 2016-02-19 14:40 +0100
Bug#700610: bsh (BeanShell) security vulnerability (CVE-2016-2510) Stian Soiland-Reyes <stain@apache.org> - 2016-02-19 17:30 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Markus Koschany <apo@debian.org> - 2016-02-26 15:00 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Stian Soiland-Reyes <stain@apache.org> - 2016-02-29 13:10 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Sébastien Delafond <seb@debian.org> - 2016-03-01 14:20 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Markus Koschany <apo@debian.org> - 2016-03-01 16:10 +0100
Re: bsh (BeanShell) security vulnerability (CVE-2016-2510) Sébastien Delafond <seb@debian.org> - 2016-03-01 17:10 +0100
csiph-web