[tomcat7] 02/02: Import Debian changes 7.0.28-4+deb7u15
Markus Koschany
apo at moszumanska.debian.org
Mon Oct 23 20:06:00 UTC 2017
This is an automated email from the git hooks/post-receive script.
apo pushed a commit to branch wheezy
in repository tomcat7.
commit 641f5b8d4fee29575fd51e5a3c2103d1f786b7de
Author: Markus Koschany <apo at debian.org>
Date: Sun Sep 24 16:35:16 2017 +0200
Import Debian changes 7.0.28-4+deb7u15
tomcat7 (7.0.28-4+deb7u15) wheezy-security; urgency=high
* Team upload.
* Fix CVE-2017-12616.
When using a VirtualDirContext it was possible to bypass security
constraints and/or view the source code of JSPs for resources served by the
VirtualDirContext using a specially crafted request.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat7.git
More information about the pkg-java-commits
mailing list