Artifact apache-jena_4.9.0-1

Metadata
changes_fields:
  Architecture: all
  Binary: libapache-jena-java
  Changed-By: Markus Koschany <apo@debian.org>
  Changes: |2-

     apache-jena (4.9.0-1) unstable; urgency=medium
     .
       * New upstream version 4.9.0.
         - Fix CVE-2023-22665: (Closes: #1041108)
           There is insufficient checking of user queries in Apache Jena versions
           4.7.0 and earlier, when invoking custom scripts. It allows a remote user
           to execute arbitrary javascript via a SPARQL query.
         - Fix CVE-2023-32200: (Closes: #1035952)
           There is insufficient restrictions of called script functions in Apache
           Jena versions 4.8.0 and earlier. It allows a remote user to execute
           javascript via a SPARQL query. This issue affects Apache Jena: from 3.7.0
           through 4.8.0.
       * B-D on libcaffeine-java and libcommons-collections4-java.
       * Ignore org.roaringbitmap:RoaringBitmap artifact. Needs packaging.
       * Rebase and update the patches for the new release.
  Checksums-Sha1:
  - name: apache-jena_4.9.0-1_arm64.buildinfo
    sha1: 4b931ddf36ca6a067c208043ce292b2b1918d37d
    size: '14809'
  - name: libapache-jena-java_4.9.0-1_all.deb
    sha1: e45fc93e7c3984f661ba63f1d064462b26e49f01
    size: '7648740'
  Checksums-Sha256:
  - name: apache-jena_4.9.0-1_arm64.buildinfo
    sha256: 37b953b3e4f76fc6576908ce001905a959ac152f8d113fab9feb2798739736f7
    size: '14809'
  - name: libapache-jena-java_4.9.0-1_all.deb
    sha256: 2e2bf5a00214f5d02b3afedd075c93d4b33bb8e94e4f610ee75b1d6894e15cab
    size: '7648740'
  Closes: 1035952 1041108
  Date: Thu, 14 Sep 2023 19:21:03 +0200
  Description: |2-

     libapache-jena-java - Java framework for building Semantic Web applications
  Distribution: sid
  Files:
  - md5sum: 7403c7fb111e63bd020398c0af17c2e8
    name: apache-jena_4.9.0-1_arm64.buildinfo
    priority: optional
    section: java
    size: '14809'
  - md5sum: c112fab0f599a0346bc7e514ef5d39c4
    name: libapache-jena-java_4.9.0-1_all.deb
    priority: optional
    section: java
    size: '7648740'
  Format: '1.8'
  Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
  Source: apache-jena
  Urgency: medium
  Version: 4.9.0-1
type: dpkg

Files

Name Size (bytes)
apache-jena_4.9.0-1_arm64.buildinfo 14.5 KB
apache-jena_4.9.0-1_arm64.changes 1.8 KB
libapache-jena-java_4.9.0-1_all.deb 7.3 MB

Relations

Relation Direction Type Name
extends Binary package libapache-jena-java_4.9.0-1_all
relates-to Binary package libapache-jena-java_4.9.0-1_all
extends Binary packages apache-jena_4.9.0-1
relates-to Binary packages apache-jena_4.9.0-1

package upload System build a package - 1 month, 4 weeks ago 4 weeks, 2 days
BETA