Format: 1.8 Date: Wed, 21 Nov 2012 10:43:09 -0500 Source: tomcat6 Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.5-java libservlet2.5-java-doc tomcat6-admin tomcat6-examples tomcat6-docs tomcat6-extras Architecture: all i386_translations Version: 6.0.32-5ubuntu1.3 Distribution: oneiric Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Marc Deslauriers Description: libservlet2.5-java - Servlet 2.5 and JSP 2.1 Java API classes libservlet2.5-java-doc - Servlet 2.5 and JSP 2.1 Java API documentation libtomcat6-java - Servlet and JSP engine -- core libraries tomcat6 - Servlet and JSP engine tomcat6-admin - Servlet and JSP engine -- admin web applications tomcat6-common - Servlet and JSP engine -- common files tomcat6-docs - Servlet and JSP engine -- documentation tomcat6-examples - Servlet and JSP engine -- example web applications tomcat6-extras - Servlet and JSP engine -- additional components tomcat6-user - Servlet and JSP engine -- tools to create user instances Changes: tomcat6 (6.0.32-5ubuntu1.3) oneiric-security; urgency=low . * SECURITY UPDATE: denial of service via large header data - debian/patches/0012-CVE-2012-2733.patch: improve size logic in java/org/apache/coyote/http11/InternalNioInputBuffer.java. - CVE-2012-2733 * SECURITY UPDATE: multiple HTTP Digest Access Authentication flaws - debian/patches/0013-CVE-2012-588x.patch: disable caching of an authenticated user in the session by default, track server rather than client nonces, better handling of stale nonce values in java/org/apache/catalina/authenticator/DigestAuthenticator.java. - CVE-2012-3439 - CVE-2012-5885 - CVE-2012-5886 - CVE-2012-5887 Checksums-Sha1: 63ae1275419b1299efd58191f8e8d0d972a476b2 40076 tomcat6-common_6.0.32-5ubuntu1.3_all.deb d87e6dcef129bb26d2042f9588c94dcc3b51a2bb 31356 tomcat6_6.0.32-5ubuntu1.3_all.deb 225bb7d9c164b645b192bca90eea782c668706ea 22982 tomcat6-user_6.0.32-5ubuntu1.3_all.deb 39f1576cfdfe2ae4799e8aa9d6005e4a33a9e7d3 3065458 libtomcat6-java_6.0.32-5ubuntu1.3_all.deb 0d2661a587c8f69f36b8a5d9a8935365212f7952 187356 libservlet2.5-java_6.0.32-5ubuntu1.3_all.deb cce98569736c624a8f44df6334cb0db9689a57d4 247454 libservlet2.5-java-doc_6.0.32-5ubuntu1.3_all.deb 651ed99cca28e12645c64c4beedb89a96735a9c1 40538 tomcat6-admin_6.0.32-5ubuntu1.3_all.deb 0c90c5774f110c288cccd426d6c8215d7855b5fa 154430 tomcat6-examples_6.0.32-5ubuntu1.3_all.deb 72b2fbeaf524aaa8af8a8e40d18a978848537891 541688 tomcat6-docs_6.0.32-5ubuntu1.3_all.deb 57cc7d0aed66ea9ec0a08977a0be859b672ab4c1 5710 tomcat6-extras_6.0.32-5ubuntu1.3_all.deb d2c3d8f4227387dff3f7431af957479370017a1b 6862 tomcat6_6.0.32-5ubuntu1.3_i386_translations.tar.gz Checksums-Sha256: 9a8730f16197c8405f3562cdecc0ccdc71e6cf6edf94f756ba81fb70af0b2ffa 40076 tomcat6-common_6.0.32-5ubuntu1.3_all.deb f61136c8ef349870652ba9308751e3fa102c0d4d94d68a0f73b4eb6f083b7297 31356 tomcat6_6.0.32-5ubuntu1.3_all.deb 316b70c6a08336b659467602e3930a383489f767660e2b12f5811973a8badb6f 22982 tomcat6-user_6.0.32-5ubuntu1.3_all.deb 6e426ad4c53cbc8c932ae3d594cb65c058e46be75e0389bde9b7b771a618faf6 3065458 libtomcat6-java_6.0.32-5ubuntu1.3_all.deb 2ba2ca505b6cad81c04ad4d9a02faa32212a4adac0b3e4f28e488cf05ce33236 187356 libservlet2.5-java_6.0.32-5ubuntu1.3_all.deb be1854c2a7035d3f902c050f61c394115de0ab38c1f04aabf52b1ba5e9b4a081 247454 libservlet2.5-java-doc_6.0.32-5ubuntu1.3_all.deb 7a57f45f649eae927993a3d5f63a16d60c6254c8c86fab005e864e84fb523505 40538 tomcat6-admin_6.0.32-5ubuntu1.3_all.deb 521e0ac90d8f3ca03d577089f53c0bd0fad8384d5fb284286454ec09508f13c8 154430 tomcat6-examples_6.0.32-5ubuntu1.3_all.deb 7dd72fb52a5a30a48bd73c856bc5bd4ae15d6720b862acfdf58b6bb5308ba9b2 541688 tomcat6-docs_6.0.32-5ubuntu1.3_all.deb bef443e627419a09d9f58184bdb87a61eec9bdc591c5df7ac19ca49040ce6ecc 5710 tomcat6-extras_6.0.32-5ubuntu1.3_all.deb 2497e8d25b2f160dd67a1c361f59cd43e487d25ba9d416c4755abfe6eb145027 6862 tomcat6_6.0.32-5ubuntu1.3_i386_translations.tar.gz Files: dad0b319ee1e787693e58330a7d4b722 40076 java optional tomcat6-common_6.0.32-5ubuntu1.3_all.deb 0796400ba3716e6781a96459e88b06d4 31356 java optional tomcat6_6.0.32-5ubuntu1.3_all.deb 64895649675760084e5b421c4eadd965 22982 java optional tomcat6-user_6.0.32-5ubuntu1.3_all.deb 80e6c7f3b6fc4afc289215d011582461 3065458 java optional libtomcat6-java_6.0.32-5ubuntu1.3_all.deb 9f36bae554bb0f2f29fc7a5354370b12 187356 java optional libservlet2.5-java_6.0.32-5ubuntu1.3_all.deb 8c787d7fa87e73d72ec304795ea6776b 247454 doc optional libservlet2.5-java-doc_6.0.32-5ubuntu1.3_all.deb 6f40efa386352738515bb8cf56a49216 40538 java optional tomcat6-admin_6.0.32-5ubuntu1.3_all.deb eb84ec5a7c40b7439fadec1853ed7c24 154430 java optional tomcat6-examples_6.0.32-5ubuntu1.3_all.deb 9e4c88be73fe823d9f2d8f535727d619 541688 doc optional tomcat6-docs_6.0.32-5ubuntu1.3_all.deb 97d13b949b6c20fa04806df046bba80e 5710 java optional tomcat6-extras_6.0.32-5ubuntu1.3_all.deb 18a13b8cf94e0cb2083b69820ee23799 6862 raw-translations - tomcat6_6.0.32-5ubuntu1.3_i386_translations.tar.gz Original-Maintainer: Debian Java Maintainers