tomcat7 7.0.52-1ubuntu0.14 source package in Ubuntu
Changelog
tomcat7 (7.0.52-1ubuntu0.14) trusty-security; urgency=medium * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-1261x.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java java/org/apache/naming/resources/FileDirContext.java, java/org/apache/naming/resources/JrePlatform.java, java/org/apache/naming/resources/LocalStrings.properties, java/org/apache/naming/resources/VirtualDirContext.java, test/org/apache/naming/resources/TestFileDirContext.java. - CVE-2017-12616 - CVE-2017-12617 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014 -- Marc Deslauriers <email address hidden> Tue, 29 May 2018 10:22:42 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- java
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tomcat7_7.0.52.orig.tar.gz | 4.1 MiB | feaf30f38df1cda467ce04ceec09a4e06ad8cf499cc800fa1ece74ef836cedb1 |
| tomcat7_7.0.52-1ubuntu0.14.debian.tar.gz | 147.2 KiB | 509863f2b867f883eaadaf7266dfb988d0a40cdfaca4b6fe97864ff7e5bcaa86 |
| tomcat7_7.0.52-1ubuntu0.14.dsc | 2.7 KiB | 01b637e92745fbbeb990440285647f9b1b67912295dd1a6c2067230f70a76d26 |
Available diffs
Binary packages built by this source
- libservlet3.0-java: Servlet 3.0 and JSP 2.2 Java API classes
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the Java Servlet and JSP library.
- libservlet3.0-java-doc: Servlet 3.0 and JSP 2.2 Java API documentation
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the documentation for the Java Servlet and JSP library.
- libtomcat7-java: Servlet and JSP engine -- core libraries
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the Tomcat core classes which can be used by other
Java applications to embed Tomcat.
- tomcat7: Servlet and JSP engine
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains only the startup scripts for the system-wide daemon.
No documentation or web applications are included here, please install
the tomcat7-docs and tomcat7-examples packages if you want them.
Install the authbind package if you need to use Tomcat on ports 1-1023.
Install tomcat7-user instead of this package if you don't want Tomcat to
start as a service.
- tomcat7-admin: Servlet and JSP engine -- admin web applications
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the administrative web interfaces.
- tomcat7-common: Servlet and JSP engine -- common files
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains common files needed by the tomcat7 and tomcat7-user
packages (Tomcat 6 scripts and libraries).
- tomcat7-docs: Servlet and JSP engine -- documentation
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the online documentation web application.
- tomcat7-examples: Servlet and JSP engine -- example web applications
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains the default Tomcat example webapps.
- tomcat7-user: Servlet and JSP engine -- tools to create user instances
Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
specifications from Sun Microsystems, and provides a "pure Java" HTTP web
server environment for Java code to run.
.
This package contains files needed to create a user Tomcat instance.
This user Tomcat instance can be started and stopped using the scripts
provided in the Tomcat instance directory.
