Ubuntu

“tomcat7” 7.0.30-0ubuntu1.2 source package in Ubuntu

Changelog

tomcat7 (7.0.30-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: FORM authentication request injection
    - debian/patches/CVE-2013-2067.patch: properly change session ID
      in java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2013-2067
  * SECURITY UPDATE: information leak via AsyncListeners and
    RuntimeExceptions (LP: #1178645)
    - debian/patches/CVE-2013-2071.patch: catch RuntimeExceptions in
      java/org/apache/catalina/core/AsyncContextImpl.java, added tests to
      test/org/apache/catalina/core/TestAsyncContextImpl.java.
    - CVE-2013-2071
  * Fix FTBFS due to expired test certificates:
    - d/keystores/*.jks: Newer keystores from upstream 7.0.39.
    - d/rules: Install newer keystores for testing, tidy up after use.
    - d/p/0018-update-test-certificates.patch: Cherry picked fixes from
      upstream VCS to update text based certificates.
 -- Marc Deslauriers <email address hidden>   Thu, 23 May 2013 09:04:36 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2013-05-23
Uploaded to:
Quantal
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
all
Section:
java
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Quantal: [FULLYBUILT] i386

Downloads

File Size MD5 Checksum
tomcat7_7.0.30.orig.tar.gz 3.8 MiB 67b9ded35c20664bbc63ce4e8503b2a8
tomcat7_7.0.30-0ubuntu1.2.debian.tar.gz 71.2 KiB 1b6b647fd139c602a44f04654dc6cfb3
tomcat7_7.0.30-0ubuntu1.2.dsc 2.7 KiB 1804b5be695fb1fe7cc32e2d6ff14cfc

Binary packages built by this source

libservlet3.0-java: Servlet 3.0 and JSP 2.2 Java API classes

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the Java Servlet and JSP library.

libservlet3.0-java-doc: Servlet 3.0 and JSP 2.2 Java API documentation

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the documentation for the Java Servlet and JSP library.

libtomcat7-java: Servlet and JSP engine -- core libraries

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the Tomcat core classes which can be used by other
 Java applications to embed Tomcat.

tomcat7: Servlet and JSP engine

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains only the startup scripts for the system-wide daemon.
 No documentation or web applications are included here, please install
 the tomcat7-docs and tomcat7-examples packages if you want them.
 Install the authbind package if you need to use Tomcat on ports 1-1023.
 Install tomcat7-user instead of this package if you don't want Tomcat to
 start as a service.

tomcat7-admin: Servlet and JSP engine -- admin web applications

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the administrative web interfaces.

tomcat7-common: Servlet and JSP engine -- common files

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains common files needed by the tomcat7 and tomcat7-user
 packages (Tomcat 6 scripts and libraries).

tomcat7-docs: Servlet and JSP engine -- documentation

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the online documentation web application.

tomcat7-examples: Servlet and JSP engine -- example web applications

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains the default Tomcat example webapps.

tomcat7-user: Servlet and JSP engine -- tools to create user instances

 Apache Tomcat implements the Java Servlet and the JavaServer Pages (JSP)
 specifications from Sun Microsystems, and provides a "pure Java" HTTP web
 server environment for Java code to run.
 .
 This package contains files needed to create a user Tomcat instance.
 This user Tomcat instance can be started and stopped using the scripts
 provided in the Tomcat instance directory.