Bug#612257: Three Tomcat vulnerabilities

tony mancill tmancill at debian.org
Thu Feb 10 15:28:33 UTC 2011

Hello Moritz,

I have uploaded the patched tomcat6 package to unstable and will now build for
squeeze, which I will then upload to my p.d.o page for review.

One question first.  There was one pending update already in SVN for the
Brazilian debconf translation, which I included in the upload to unstable.  Do
you think it's acceptable to allow this to be included in upload for
squeeze-security, or does that bit need to be excluded?  (I'm trying to decide
where to branch in the packaging repo.)

Thank you,

On 02/07/2011 12:00 AM, Moritz Muehlenhoff wrote:
> Package: tomcat6
> Version: Three Tomcat vulnerabilities
> Severity: grave
> Tags: security
> CVE-2011-0534, CVE-2011-0013 and CVE-2010-3718 need to be
> fixed in squeeze-security and unstable:
> http://tomcat.apache.org/security-6.html
> Cheers,

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20110210/8d5d0749/attachment.pgp>

More information about the pkg-java-maintainers mailing list