Bug#612257: Three Tomcat vulnerabilities
tony mancill
tmancill at debian.org
Thu Feb 10 15:28:33 UTC 2011
Hello Moritz,
I have uploaded the patched tomcat6 package to unstable and will now build for
squeeze, which I will then upload to my p.d.o page for review.
One question first. There was one pending update already in SVN for the
Brazilian debconf translation, which I included in the upload to unstable. Do
you think it's acceptable to allow this to be included in upload for
squeeze-security, or does that bit need to be excluded? (I'm trying to decide
where to branch in the packaging repo.)
Thank you,
tony
On 02/07/2011 12:00 AM, Moritz Muehlenhoff wrote:
> Package: tomcat6
> Version: Three Tomcat vulnerabilities
> Severity: grave
> Tags: security
>
> CVE-2011-0534, CVE-2011-0013 and CVE-2010-3718 need to be
> fixed in squeeze-security and unstable:
>
> http://tomcat.apache.org/security-6.html
>
> Cheers,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20110210/8d5d0749/attachment.pgp>
More information about the pkg-java-maintainers
mailing list