commons-vfs (2.1-5) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/java-team/commons-vfs.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 339968
Browser: https://salsa.debian.org/java-team/commons-vfs
Last scan: 2025-10-11 06:16:08+00
Next scan: 2025-10-18 13:40:00+00

Debian changelog in Git:

commons-vfs (2.1-5) unstable; urgency=medium

  * Team upload.
  * Declare compliance with Debian Policy 4.7.2.
  * Force at least a Java 8 build to fix CVE-2025-27553.
  * Fix CVE-2025-27553: (Closes: #1101204)
    Arnout Engelen discovered a Relative Path Traversal vulnerability in
    Commons VFS, a Java library that provides a single API for accessing
    various different file systems. A local or remote attacker may use this
    flaw to access files and directories outside of a root folder.

 -- Markus Koschany <apo@debian.org>  Thu, 03 Apr 2025 03:38:38 +0200

This branch is even with tag debian/2.1-5