tomcat8_8.5.14-1+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sat Sep 23 10:03:41 UTC 2017



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 03 Sep 2017 19:51:58 +0200
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin tomcat8-examples tomcat8-docs
Architecture: source all
Version: 8.5.14-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
 libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API classes
 libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API documenta
 libtomcat8-embed-java - Apache Tomcat 8 - Servlet and JSP engine -- embed libraries
 libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries
 tomcat8    - Apache Tomcat 8 - Servlet and JSP engine
 tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web application
 tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files
 tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation
 tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web applicati
 tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user
Changes:
 tomcat8 (8.5.14-1+deb9u2) stretch-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2017-7674:
     The CORS Filter did not add an HTTP Vary header indicating that the
     response varies depending on Origin. This permitted client and server side
     cache poisoning in some circumstances.
   * Fix CVE-2017-7675:
     The HTTP/2 implementation bypassed a number of security checks that
     prevented directory traversal attacks. It was therefore possible to bypass
     security constraints using a specially crafted URL.
Checksums-Sha1:
 ded388cf10f5860360d9da30180b24131f0aab94 3116 tomcat8_8.5.14-1+deb9u2.dsc
 e63fc25dae0d501646ff72f87ac8cfe16481da1a 44256 tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 17a93dd040609c0cc71fb6b760d1dd5082a71762 242020 libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 5fe4ebb69c914fbcce12c2c7c45e56030680e6ef 393262 libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 1a1befad7517aa2d66ab8bbb89404376be9777a9 3870254 libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 0dd64715e47d3448112993d4647e723f354d2549 4818542 libtomcat8-java_8.5.14-1+deb9u2_all.deb
 cb1e1d256a57875be351cbe4166729edeb645c33 33290 tomcat8-admin_8.5.14-1+deb9u2_all.deb
 5b81fe189a69ab4cbb0c2c7424f45bcba9d1fa38 63996 tomcat8-common_8.5.14-1+deb9u2_all.deb
 664843b8edc95303d00f20c3bbda297b0a7366d0 679772 tomcat8-docs_8.5.14-1+deb9u2_all.deb
 8c8b867377f99d7040650a513047132188803ef6 188656 tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3fef7d8520759bfb9c01a71da686e1283b225cf3 38954 tomcat8-user_8.5.14-1+deb9u2_all.deb
 3daaf9efc334b0424effdb1c98be200141740ff3 51114 tomcat8_8.5.14-1+deb9u2_all.deb
 9ea72a6dc35f3538e1778e2201c5aae111bc3ada 13926 tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Checksums-Sha256:
 563e32f2b6116837b311f76febcc7ffc965408efc6574c9f4629a692b936e9f2 3116 tomcat8_8.5.14-1+deb9u2.dsc
 e630de89565cd66a044896578b6d01d38b5d9cbf96034532781f9e140ee17f23 44256 tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 3b31715cbd79f7ec903f91c5dd198b013a6450b08a8825337778b9463757e937 242020 libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 8dbfe204ce9798e95fb8cd0d5d5063e9b3e11642bd909a591e413b08fcb7cafc 393262 libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 6462dd64afdd912ab3a878cdac785ff40e0a79c5f0cf2f9285e18277524826b2 3870254 libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 c72bc5ffd699d3fa7975c6e4b3a7beec303001bc3d4516bdb98360cfc7cab64d 4818542 libtomcat8-java_8.5.14-1+deb9u2_all.deb
 9a7412cb962adfa893ffce7f623e77fe7f09f2bb82f9fd6fce1fa42c61548891 33290 tomcat8-admin_8.5.14-1+deb9u2_all.deb
 93cc3a21239ca967325d2ceb1526bd811b5d74d99ff8db1e35fce597d2c86c0f 63996 tomcat8-common_8.5.14-1+deb9u2_all.deb
 732025c53f73f0b4b9450c5d6cb90217f12a1abf5e94331f7325db88d09143c0 679772 tomcat8-docs_8.5.14-1+deb9u2_all.deb
 762cee0c6d50007d63d0e3bd6086bf523582ba0ef409ee1569390bdd139d4f73 188656 tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3c179b1a7e637ab9f44220aa17976143affc56cf8ca2651dd9d3645f734a1fc9 38954 tomcat8-user_8.5.14-1+deb9u2_all.deb
 7ff7c8c5a937b8c6abc6a89bb2844da06afa30ba3c2b93994b10d02adeebca18 51114 tomcat8_8.5.14-1+deb9u2_all.deb
 0050ebcb68a5c8efd195d655cb790a4ac0577da2839f1382a9fe8d3de44b99be 13926 tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Files:
 8d7e73c6be03748abe683f8272f5f027 3116 java optional tomcat8_8.5.14-1+deb9u2.dsc
 24b01e41005339ba13adec470cceed31 44256 java optional tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 087842f447c09f944414a50bf6db3414 242020 doc optional libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 cf5dfc0ff41a898ff6970e046a8edfb5 393262 java optional libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 65e513a63f86b7c57833c20f939513ae 3870254 java optional libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 aeaa5147a060c4acb5de2dea88c35e3b 4818542 java optional libtomcat8-java_8.5.14-1+deb9u2_all.deb
 2b8f5a4dd30fb9db444c28ddcc40566e 33290 java optional tomcat8-admin_8.5.14-1+deb9u2_all.deb
 0a6fcdbb0a8253b1ccd685355ee39162 63996 java optional tomcat8-common_8.5.14-1+deb9u2_all.deb
 25ab14385a799cac74178251b89b5f6a 679772 doc optional tomcat8-docs_8.5.14-1+deb9u2_all.deb
 be13964f743b2f1d9d883974afb15bd9 188656 java optional tomcat8-examples_8.5.14-1+deb9u2_all.deb
 b229bc952c63f0cc6ff28cc6a54d177d 38954 java optional tomcat8-user_8.5.14-1+deb9u2_all.deb
 513d6ab3dcd97a6e8bbe2725aef3a392 51114 java optional tomcat8_8.5.14-1+deb9u2_all.deb
 f30132d4c225ee10b001a5e863a3ea29 13926 java optional tomcat8_8.5.14-1+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlm7iapfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkA4YP/3TNfypWGwcZsaoY/gwBIxn8w31FGHqoL74k
rCvMJQUWRir9BYQ3J40EOq5tOvsPsDZ4o0thAMmLn3FYuyOmkR+cCsFwtZBSHzgF
BTd5Erk5KsLAKiTbZqix6diVocUziS6YfHl4IKK8L4hjCZIYJJ7sOW++uuYpDD+E
JnY0oYEbTJSZWs0p16cqfjLipx4vtwsVKBUJwzhMQZQgHUFTMghGiv0VAGsOp7WD
uccTOhdSZ8ll3z7DHgKF2WW0acHswgWzX/05CeKPFJpz1ekAr+REMhHQpJ0NOQ+X
phIcGp9cqu3ipKrpoIc9AX2AqfOVukDaC5SaUl0izJPaRF6YDlLWOPjd6ajKSHuF
2pzSSQdksLg4CRX8GZtemHNyBrWJ20AvFRQ1Toup3XBXWd5m9a898YzA6lQZ5tjm
/zGWyxwcALWjOR5gall98tZ8N9BTke8/FuwCGa2BhENvYJ26fiERJNCJBjWYLvTC
KCyuScih9xHQTy2vUvwPeh4y42sttp6BEybfvKL6rIazCnVQID66WW3JRnwixvXg
HyYBYX7BP0KDALr7OTFK+iXNFxeNgnUcQbRU8np29pHrTOkRTv+hIZsgCiTamPWI
pZ8EFfcqmZ7US5xzJtr9gYuvF5Xj3XD3wftiWu89/gnyCyiFHjg9ctBEAkE0Pj1t
2Ufaa5PP
=akvz
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the pkg-java-maintainers mailing list