remove commons httpclient from main

Bug #1075359 reported by Seth Arnold
Affects: commons-httpclient (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Apache Commons HttpClient has not been supported by upstream since 2007; the project page requests all users to migrate to Apache HttpComponents project HttpClient: http://hc.apache.org/httpclient-legacy/index.html

This is motivated by http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5783

We should drop the package before our next LTS release to save ourselves the burden of maintaining it any longer than necessary; there's no time like the present.

Thanks

Alberto Fernández (infjaf) wrote:

CVE-2012-5783 is fixed in 3.1-10.2

https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10.2

Removing Commons HttpClient 3.1 forces removing or patching all packages that depend on it, because there is an API change from v3 to v4.

This is the list of Ubuntu packages which will need to be patched to use HttpComponents (libhttpclient-java):

# apt-rdepends -r libcommons-httpclient-java

...

 libcommons-httpclient-java
  Reverse Depends: biomaj (1.2.0-3)
  Reverse Depends: eclipse-platform (>= 3.7.2-1)
  Reverse Depends: fetchexc (2.0-4)
  Reverse Depends: gradle (1.0~m3-1)
  Reverse Depends: jajuk (1:1.9.5-3)
  Reverse Depends: jets3t (0.8.1+dfsg-1build1)
  Reverse Depends: jftp (1.52+dfsg-1)
  Reverse Depends: jmeter (2.3.4-2ubuntu2)
  Reverse Depends: jmeter-http (2.3.4-2ubuntu2)
  Reverse Depends: jspwiki (2.8.0-4)
  Reverse Depends: libaxis-java (1.4-16)
  Reverse Depends: libgradle-core-java (1.0~m3-1)
  Reverse Depends: libjabsorb-java (1.3-2)
  Reverse Depends: libjenkins-htmlunit-java (2.6-jenkins-6-1fakesync1)
  Reverse Depends: libjenkins-java (1.424.6+dfsg-1)
  Reverse Depends: libjets3t-java (0.8.1+dfsg-1build1)
  Reverse Depends: libmaven-docck-plugin-java (1.0-4)
  Reverse Depends: libmaven-javadoc-plugin-java (2.6.1-2)
  Reverse Depends: libreoffice-wiki-publisher (1.1.1+LibO3.5.2-2ubuntu1)
  Reverse Depends: libuima-as-java (2.3.1-2)
  Reverse Depends: libwagon-java (1.0.0-2ubuntu2)
  Reverse Depends: libxmlrpc3-client-java (3.1.3-5)
  Reverse Depends: maven (3.0.4-2)
  Reverse Depends: rdscli (1.4.007-0ubuntu1)
  Reverse Depends: solr-common (>= 1.4.1+dfsg1-2ubuntu2)
  Reverse Depends: triplea (1.3.2.2-2)
...
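As an added illustration of the kind of patch the comment above implies (example code, not from the bug report or from any of the listed packages), here is the same GET request written against the legacy Commons HttpClient 3.x API and against the HttpComponents HttpClient 4.x API that upstream directs users to; the URL is a placeholder.

```java
// Added example, not from the bug report: one request under both APIs.
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

public class HttpClientMigration {
    // Placeholder URL; substitute the real endpoint.
    static final String URL = "https://example.invalid/";

    // Before: legacy Commons HttpClient 3.x (libcommons-httpclient-java),
    // unmaintained upstream since 2007 and the subject of CVE-2012-5783.
    static String fetchWithLegacy() throws Exception {
        HttpClient client = new HttpClient();
        GetMethod get = new GetMethod(URL);
        try {
            int status = client.executeMethod(get);
            if (status != 200) {
                throw new IllegalStateException("HTTP " + status);
            }
            return get.getResponseBodyAsString();
        } finally {
            get.releaseConnection();   // 3.x requires manual connection release
        }
    }

    // After: HttpComponents HttpClient 4.x (libhttpclient-java), the
    // migration target; resources are released by try-with-resources.
    static String fetchWithHttpComponents() throws Exception {
        try (CloseableHttpClient client = HttpClients.createDefault();
             CloseableHttpResponse resp = client.execute(new HttpGet(URL))) {
            int status = resp.getStatusLine().getStatusCode();
            if (status != 200) {
                throw new IllegalStateException("HTTP " + status);
            }
            return EntityUtils.toString(resp.getEntity());
        }
    }
}
```

Each reverse dependency in the list above carries call sites of the first shape that would need to be rewritten into the second before the old package can be dropped.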

Seth Arnold (seth-arnold) wrote:

Of the long list of packages in Raring that apt-rdepends reports, only libaxis-java and libreoffice are also in main. I guess we can't demote libreoffice, but perhaps we can ask them to upgrade.
