Bug#707704: tomcat7: CVE-2013-2071
Moritz Muehlenhoff
jmm at inutil.org
Fri May 10 13:21:50 UTC 2013
Package: tomcat7
Severity: important
Tags: security
Three security issues were reported in tomcat today:
http://tomcat.apache.org/security-7.html
CVE-2013-2067 and CVE-2012-3544 were made public today, but already fixed in past
releases. Hence, in comparison to stable/oldstable sid is already fixed.
Note that CVE-2013-2067 and CVE-2012-3544 also affect tomcat6. tomcat6 should
be removed now that wheezy is released.
Cheers,
Moritz
More information about the pkg-java-maintainers
mailing list