[ubuntu/trusty-updates] jackrabbit 2.3.6-1+deb8u2build0.14.04.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Oct 5 18:28:32 UTC 2016


jackrabbit (2.3.6-1+deb8u2build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

jackrabbit (2.3.6-1+deb8u2) jessie-security; urgency=high

  * Team upload.
  * Fix CVE-2016-6801:
    The CSRF content-type check for POST requests did not handle missing
    Content-Type header fields, nor variations in field values with respect to
    upper/lower case or optional parameters. This could be exploited to create
    a resource via CSRF.

Date: 2016-10-05 16:29:14.658642+00:00
Changed-By: Emily Ratliff <emily.ratliff at canonical.com>
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/jackrabbit/2.3.6-1+deb8u2build0.14.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list