Ubuntu
tomcat9 package

Change logs for tomcat9 source package in Groovy

  1. Groovy (20.10)
  2. Change log 
  • tomcat9 (9.0.37-3) unstable; urgency=medium

  * control: Bump build-dep on bnd, drop bnd compat and re-export patches.
    (Closes: #964433)

 -- Timo Aaltonen <email address hidden>  Thu, 06 Aug 2020 18:59:11 +0300
  • tomcat9 (9.0.37-2) unstable; urgency=medium

  * d/p/0029-fix-regression-in-bz64540.patch: Re-export util.net.jsse
    and util.modeler.modules. (Closes: #964433)

 -- Timo Aaltonen <email address hidden>  Tue, 28 Jul 2020 14:09:13 +0300
  • tomcat9 (9.0.37-1) unstable; urgency=medium

  * New upstream release
    - Refreshed the patches
    - Fixed the compatibility with the version of bnd in Debian
  * Restored execute permission on /var/log/tomcat9 to the adm group

 -- Emmanuel Bourg <email address hidden>  Mon, 06 Jul 2020 22:39:32 +0200
  • tomcat9 (9.0.36-1) unstable; urgency=medium

  * New upstream release
    - Refreshed the patches
  * Grant write access on /var/log/tomcat9 to the adm group (LP: #1861881)

 -- Emmanuel Bourg <email address hidden>  Tue, 23 Jun 2020 11:47:47 +0200
  • tomcat9 (9.0.35-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2020-9484: Remote Code Execution via session persistence (Closes: #961209)
    - Refreshed the patches

 -- Emmanuel Bourg <email address hidden>  Thu, 21 May 2020 15:50:03 +0200
  • tomcat9 (9.0.34-1) unstable; urgency=medium

  * New upstream release
    - Refreshed the patches
  * Depend on libeclipse-jdt-core-java (>= 3.18.0)
  * Switch to debhelper level 12

 -- Emmanuel Bourg <email address hidden>  Mon, 27 Apr 2020 00:36:59 +0200
  • tomcat9 (9.0.31-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2019-10072: Denial of Service (Closes: #930872)
    - Fixes CVE-2019-12418: Local Privilege Escalation
    - Fixes CVE-2019-17563: Session fixation attack
    - Fixes CVE-2019-17569: HTTP Request Smuggling
    - Fixes CVE-2020-1935: HTTP Request Smuggling
    - Fixes CVE-2020-1938: AJP Request Injection (Closes: #952437)
    - Fixes CATALINA_PID handling in catalina.sh (Closes: #948553)
    - Refreshed the patches
    - Fixed the compilation with Java 11
  * Moved the RequiresMountsFor directive in the service file
    to the Unit section (Closes: #942316)
  * Tightened the dependency on systemd (Closes: #931997)
  * Standards-Version updated to 4.5.0

 -- Emmanuel Bourg <email address hidden>  Mon, 24 Feb 2020 23:37:00 +0100