Format: 1.8 Date: Wed, 11 Sep 2019 16:47:51 -0300 Source: tomcat9 Binary: tomcat9-common tomcat9 tomcat9-user libtomcat9-java libtomcat9-embed-java tomcat9-admin tomcat9-examples tomcat9-docs Architecture: all Version: 9.0.16-3ubuntu0.18.04.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Emilia Torino Description: libtomcat9-embed-java - Apache Tomcat 9 - Servlet and JSP engine -- embed libraries libtomcat9-java - Apache Tomcat 9 - Servlet and JSP engine -- core libraries tomcat9 - Apache Tomcat 9 - Servlet and JSP engine tomcat9-admin - Apache Tomcat 9 - Servlet and JSP engine -- admin web application tomcat9-common - Apache Tomcat 9 - Servlet and JSP engine -- common files tomcat9-docs - Apache Tomcat 9 - Servlet and JSP engine -- documentation tomcat9-examples - Apache Tomcat 9 - Servlet and JSP engine -- example web applicati tomcat9-user - Apache Tomcat 9 - Servlet and JSP engine -- tools to create user Changes: tomcat9 (9.0.16-3ubuntu0.18.04.1) bionic-security; urgency=medium . * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072 Checksums-Sha1: 20501edfbeaa0ef254489abdf82d98c169217ce2 4040944 libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.1_all.deb 3ecc4352fcf101aacf1c60778fb6463f21f2a94d 5748388 libtomcat9-java_9.0.16-3ubuntu0.18.04.1_all.deb 367022916e92014aea5d390695ae2707770ef071 24524 tomcat9-admin_9.0.16-3ubuntu0.18.04.1_all.deb 7f8fcf02af07ab29ce84cf4159849d5bcbeea7fb 59720 tomcat9-common_9.0.16-3ubuntu0.18.04.1_all.deb d82f5ebc2bca7e072300f09695c97d29f82aabf6 616236 tomcat9-docs_9.0.16-3ubuntu0.18.04.1_all.deb ea508f693fd64232ddce784538c4d21024956157 386308 tomcat9-examples_9.0.16-3ubuntu0.18.04.1_all.deb ac150a6a7fd74ffd7471e03b3026985a157a9989 32412 tomcat9-user_9.0.16-3ubuntu0.18.04.1_all.deb af8517004166d6e98a2993be6a1e8dc00a6197fc 35868 tomcat9_9.0.16-3ubuntu0.18.04.1_all.deb 912a42d9aade1433248d06513a81600ddf6a0aec 11819 tomcat9_9.0.16-3ubuntu0.18.04.1_amd64.buildinfo Checksums-Sha256: af0244a3e8e48439c44ea9fd107a1b6b455f46139a572ed21a25342b31192cc3 4040944 libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.1_all.deb 182df27597728a19fa5e35aa96de623bc47142c0c01f05b981ae49f0a1c996f4 5748388 libtomcat9-java_9.0.16-3ubuntu0.18.04.1_all.deb dc414fc9514a901b2990c797e634c22cdfd5c8dfde55d7b830948646237d5b3c 24524 tomcat9-admin_9.0.16-3ubuntu0.18.04.1_all.deb 8c4be26e228dd963d635bbf5be9fe4b327bc958bceeb678af44b099d1b5311cc 59720 tomcat9-common_9.0.16-3ubuntu0.18.04.1_all.deb 3fed42025b224c3313a3392a06b37ea023478359394ccdd42d1b7b65adcedeaa 616236 tomcat9-docs_9.0.16-3ubuntu0.18.04.1_all.deb 9390f5e11007715ec4cb69df8a158495148c627702ea07da8e58477422d0c105 386308 tomcat9-examples_9.0.16-3ubuntu0.18.04.1_all.deb 1576249ceb9cd886e1e72a1aa04dce87ef4de57a258af43c6beedd526744af4a 32412 tomcat9-user_9.0.16-3ubuntu0.18.04.1_all.deb b5fcae2b41a01f8044b8094e850bed29fe8e708e10d2374c0737b85469160580 35868 tomcat9_9.0.16-3ubuntu0.18.04.1_all.deb fdbe354e2663822653d484e7c81e8b1ee5e87557f46a80dce727f98a11a6a0bd 11819 tomcat9_9.0.16-3ubuntu0.18.04.1_amd64.buildinfo Files: 705fdb0a97113d8d4c1e1dfd34a13c6b 4040944 java optional libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.1_all.deb 72e2dd3dc7384779cab6b839082c155e 5748388 java optional libtomcat9-java_9.0.16-3ubuntu0.18.04.1_all.deb 112f10b1d6ec1f2b6d2be8a1afcef1ad 24524 java optional tomcat9-admin_9.0.16-3ubuntu0.18.04.1_all.deb 0bd9c8a7e52d4a6ca52c185562b5a0a8 59720 java optional tomcat9-common_9.0.16-3ubuntu0.18.04.1_all.deb 345ac0466b3c9473f69f94c99bc55818 616236 doc optional tomcat9-docs_9.0.16-3ubuntu0.18.04.1_all.deb 718644107a45ed45c4ae6998ce370b7b 386308 java optional tomcat9-examples_9.0.16-3ubuntu0.18.04.1_all.deb 3de46141d756cdfa0ddd685bd2caaa54 32412 java optional tomcat9-user_9.0.16-3ubuntu0.18.04.1_all.deb 2903ba32afb8297831279791258a929c 35868 java optional tomcat9_9.0.16-3ubuntu0.18.04.1_all.deb 0f7dddf8f82ef76b808b5d831fce439d 11819 java optional tomcat9_9.0.16-3ubuntu0.18.04.1_amd64.buildinfo Original-Maintainer: Debian Java Maintainers