-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 20 Aug 2021 22:25:28 +0200
Source: commons-io
Binary: libcommons-io-java libcommons-io-java-doc
Architecture: all
Version: 2.6-2+deb10u1
Distribution: buster
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libcommons-io-java - Common useful IO related classes
 libcommons-io-java-doc - Common useful IO related classes - documentation
Changes:
 commons-io (2.6-2+deb10u1) buster; urgency=medium
 .
   * Team upload.
   * Fix CVE-2021-29425:
     When invoking the method FileNameUtils.normalize with an improper input
     string, like "//../foo", or "\\..\foo", the result would be the same
     value, thus possibly providing access to files in the parent directory,
     but not further above (thus "limited" path traversal), if the calling code
     would use the result to construct a path value.
Checksums-Sha1:
 2ff9464d8b4c6a27897a8c28fc08839eccaeebbf 13268 commons-io_2.6-2+deb10u1_all-buildd.buildinfo
 2ee40cae933097b64c5efe4348be9c5e6b8c94a7 448620 libcommons-io-java-doc_2.6-2+deb10u1_all.deb
 1939ee1961470449cace6db9a2385d2e1833b35d 213232 libcommons-io-java_2.6-2+deb10u1_all.deb
Checksums-Sha256:
 c926ca33d758cd52394bcf778ca10b20b467cc4dbff6c14a03c2946a13a110d2 13268 commons-io_2.6-2+deb10u1_all-buildd.buildinfo
 39f204288d27f6fb4f6df2f9db03c7eb03f6008cdbb95c794463b2c44d2c3d51 448620 libcommons-io-java-doc_2.6-2+deb10u1_all.deb
 47f2601a04194f32e2f6ee9565c28e0baf8bdc85c5cd3d3eca1b6506c8a296fc 213232 libcommons-io-java_2.6-2+deb10u1_all.deb
Files:
 0c34c42ef667ef3f3624a91f9cde7235 13268 java optional commons-io_2.6-2+deb10u1_all-buildd.buildinfo
 567f6f5dc3c7cd76e7633ea9627946f8 448620 doc optional libcommons-io-java-doc_2.6-2+deb10u1_all.deb
 c4393c6a2bc2c7baab1918840c397cdc 213232 java optional libcommons-io-java_2.6-2+deb10u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEqQcRQHTGP4qt3opGks26TWZ8cfMFAmExj5IACgkQks26TWZ8
cfM40g/9FvnAYZPWNs/mRTYOoISl2NRQu3fZl1BZ7SW+wPoyQVMhwZ+DW2LgXewx
XHflE4Qbin618BeGcepIRBbMpxOCk+1NgjQOiOlhBRM269/K6Z9W7whQ6rSAm7gL
IFXH/3AVcAEMFFvb1T/YPzYcPGUaS8N/cIvu17LJbUa4BU+2d2jZOLBl94sU/ig3
vbv2dLJnRklN7OM7sO+qrAXwSicuCWSfa0winicP0vSR0c0+wOdl/So1K3MT6t6T
zNKaZAyZGAAHvrp0l/knIbeuDGSQPL66hLBkA5zbF01P3vU3TtAR/aNRZgriA0Fl
uIwe1sG4/TuGzVHBo9qUElNQJCwFkif0slP+aAXPL26KaizzAnp7fBGIN1hbbArZ
ofJJ6lvUePc5Gx+h5E7z0tr939EBaKT3mQGwAa98m0tysSqw6Vj39HhDWb0Yi6gf
azfSc1Zu2W+lT3Lll/9QJu/mDYCiV6Ty27+lOu644p/Csf/HnZyjspATIeR7MtxP
It/B1uxF4mtJ8QLW4zx2zeFEDN55ohtlNV1Wf/qpyks7ZVntcgBG6emyazHAuS59
GzjmmDW6juEUmpDnIrqyDR3iVXCl7HeftVHNduiNxXMmme5bCUgwPpot5H5V+bp7
QtwngEMsk9PTRrkP2Je4KKRFjLOELql9rMb4aBL6+UekqNoHYKw=
=de3G
-----END PGP SIGNATURE-----