tomcat6 6.0.32-5ubuntu1.1 source package in Ubuntu

Changelog

tomcat6 (6.0.32-5ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: HTTP DIGEST authentication weaknesses
    - debian/patches/0014-CVE-2011-1184.patch: add new nonce options in
      java/org/apache/catalina/authenticator/DigestAuthenticator.java,
      java/org/apache/catalina/authenticator/LocalStrings.properties,
      java/org/apache/catalina/authenticator/mbeans-descriptors.xml,
      java/org/apache/catalina/realm/RealmBase.java,
      webapps/docs/config/valve.xml.
    - CVE-2011-1184
  * SECURITY UPDATE: file restriction bypass or denial of service via
    untrusted web application.
    - debian/patches/0015-CVE-2011-2526.patch: check canonical name in
      java/org/apache/catalina/connector/LocalStrings.properties,
      java/org/apache/catalina/connector/Request.java,
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/LocalStrings.properties,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2011-2526
 -- Marc Deslauriers <email address hidden>   Thu, 13 Oct 2011 16:41:43 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2011-10-13
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Oneiric: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
tomcat6_6.0.32.orig.tar.gz 3.0 MiB 2a9cc5f162794560fd848bb4988e931eb9f12f69449dac725213ff46d5bbf2fc
tomcat6_6.0.32-5ubuntu1.1.debian.tar.gz 52.2 KiB 6552e5a2a1cd648a727978b60edc32b02322757405faac0295943c4c472a0186
tomcat6_6.0.32-5ubuntu1.1.dsc 2.3 KiB e646398b13785ac719cc2f5d0fbcfcd4728531415e15f7450f0ccc03b8716398

View changes file

Binary packages built by this source

libservlet2.5-java: No summary available for libservlet2.5-java in ubuntu oneiric.

No description available for libservlet2.5-java in ubuntu oneiric.

libservlet2.5-java-doc: No summary available for libservlet2.5-java-doc in ubuntu oneiric.

No description available for libservlet2.5-java-doc in ubuntu oneiric.

libtomcat6-java: No summary available for libtomcat6-java in ubuntu oneiric.

No description available for libtomcat6-java in ubuntu oneiric.

tomcat6: No summary available for tomcat6 in ubuntu oneiric.

No description available for tomcat6 in ubuntu oneiric.

tomcat6-admin: No summary available for tomcat6-admin in ubuntu oneiric.

No description available for tomcat6-admin in ubuntu oneiric.

tomcat6-common: No summary available for tomcat6-common in ubuntu oneiric.

No description available for tomcat6-common in ubuntu oneiric.

tomcat6-docs: No summary available for tomcat6-docs in ubuntu oneiric.

No description available for tomcat6-docs in ubuntu oneiric.

tomcat6-examples: No summary available for tomcat6-examples in ubuntu oneiric.

No description available for tomcat6-examples in ubuntu oneiric.

tomcat6-extras: No summary available for tomcat6-extras in ubuntu oneiric.

No description available for tomcat6-extras in ubuntu oneiric.

tomcat6-user: No summary available for tomcat6-user in ubuntu oneiric.

No description available for tomcat6-user in ubuntu oneiric.