I see; I didn't realize it was possible to use maven 3 with wagon 1. Thanks
for helping clarify this.
On Tue, Feb 3, 2015 at 10:23 AM, Emmanuel Bourg wrote:
> Le 03/02/2015 19:06, Christopher Currie a écrit :
>
> > Thanks; the issue is that I would like to see that CVE fixed for
> > precise. It
On Mon, Feb 2, 2015 at 3:26 PM, Emmanuel Bourg wrote:
> Le 02/02/2015 23:55, Christopher Currie a écrit :
>
> > Greetings, debian-java. Is this the correct place to ask for help with
> > Ubuntu packages?
>
> Hi Christopher,
>
> Most Java packages are shared between Debian and Ubuntu, so we should
Le 03/02/2015 19:06, Christopher Currie a écrit :
> Thanks; the issue is that I would like to see that CVE fixed for
> precise. It looks like precise doesn't have libwagon2-java, only
> libwagon-java. Has anyone worked with the Ubuntu security team, and can
> say whether they'd allow a *new* packa
Le 02/02/2015 23:55, Christopher Currie a écrit :
> Greetings, debian-java. Is this the correct place to ask for help with
> Ubuntu packages?
Hi Christopher,
Most Java packages are shared between Debian and Ubuntu, so we should be
able to help.
CVE-2013-0253 was fixed 2 years ago in libwagon2-j
On Feb 2, 2015, at 2:20 PM, Niels Thykier wrote:
>
> On 2015-02-02 23:03, Christopher Currie wrote:
>> Maven 3.0.4, the default on Ubuntu 12.04, has a documented security
>> vulnerability:
>>
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0253
>>
>> The Ubuntu security team has asked
5 matches
Mail list logo
