mina2 (2.2.1-4) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/java-team/mina2.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 417792
Browser: https://salsa.debian.org/java-team/mina2
Last scan: 2025-10-13 23:33:10+00
Next scan: 2025-10-19 21:57:00+00

Debian changelog in Git:

mina2 (2.2.1-4) unstable; urgency=medium

  * Team upload
  * Fixing CVE-2024-52046: The ObjectSerializationDecoder in Apache MINA uses
    Java’s native deserialization protocol to process incoming serialized
    data but lacks the necessary security checks and defenses. This
    vulnerability allows attackers to exploit the deserialization process by
    sending specially crafted malicious serialized data, potentially leading to
    remote code execution (RCE) attacks.
    Closes: #1091530

 -- Pierre Gruet <pgt@debian.org>  Tue, 15 Jul 2025 23:47:20 +0200

This branch is even with tag debian/2.2.1-4