Import Debian changes 1:1.1.2-1+deb8u1
logback (1:1.1.2-1+deb8u1) jessie; urgency=high * Team upload. * Fix CVE-2017-5929: It was discovered that logback, a flexible logging library for Java, would deserialize data from untrusted sockets. This issue has been resolved by adding a whitelist to use only trusted classes. (Closes: #857343)
Please register or sign in to comment