-
tomcat9 (9.0.37-3) unstable; urgency=medium
* control: Bump build-dep on bnd, drop bnd compat and re-export patches.
(Closes: #964433)
-- Timo Aaltonen <email address hidden> Thu, 06 Aug 2020 18:59:11 +0300
-
tomcat9 (9.0.37-2) unstable; urgency=medium
* d/p/0029-fix-regression-in-bz64540.patch: Re-export util.net.jsse
and util.modeler.modules. (Closes: #964433)
-- Timo Aaltonen <email address hidden> Tue, 28 Jul 2020 14:09:13 +0300
-
tomcat9 (9.0.37-1) unstable; urgency=medium
* New upstream release
- Refreshed the patches
- Fixed the compatibility with the version of bnd in Debian
* Restored execute permission on /var/log/tomcat9 to the adm group
-- Emmanuel Bourg <email address hidden> Mon, 06 Jul 2020 22:39:32 +0200
-
tomcat9 (9.0.36-1) unstable; urgency=medium
* New upstream release
- Refreshed the patches
* Grant write access on /var/log/tomcat9 to the adm group (LP: #1861881)
-- Emmanuel Bourg <email address hidden> Tue, 23 Jun 2020 11:47:47 +0200
-
tomcat9 (9.0.35-1) unstable; urgency=medium
* New upstream release
- Fixes CVE-2020-9484: Remote Code Execution via session persistence (Closes: #961209)
- Refreshed the patches
-- Emmanuel Bourg <email address hidden> Thu, 21 May 2020 15:50:03 +0200
-
tomcat9 (9.0.34-1) unstable; urgency=medium
* New upstream release
- Refreshed the patches
* Depend on libeclipse-jdt-core-java (>= 3.18.0)
* Switch to debhelper level 12
-- Emmanuel Bourg <email address hidden> Mon, 27 Apr 2020 00:36:59 +0200
-
tomcat9 (9.0.31-1) unstable; urgency=medium
* New upstream release
- Fixes CVE-2019-10072: Denial of Service (Closes: #930872)
- Fixes CVE-2019-12418: Local Privilege Escalation
- Fixes CVE-2019-17563: Session fixation attack
- Fixes CVE-2019-17569: HTTP Request Smuggling
- Fixes CVE-2020-1935: HTTP Request Smuggling
- Fixes CVE-2020-1938: AJP Request Injection (Closes: #952437)
- Fixes CATALINA_PID handling in catalina.sh (Closes: #948553)
- Refreshed the patches
- Fixed the compilation with Java 11
* Moved the RequiresMountsFor directive in the service file
to the Unit section (Closes: #942316)
* Tightened the dependency on systemd (Closes: #931997)
* Standards-Version updated to 4.5.0
-- Emmanuel Bourg <email address hidden> Mon, 24 Feb 2020 23:37:00 +0100