Accepted tomcat7 7.0.28-4+deb7u14 (source all) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 20 Jun 2017 22:23:35 +0200
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.28-4+deb7u14
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
libtomcat7-java - Servlet and JSP engine -- core libraries
tomcat7 - Servlet and JSP engine
tomcat7-admin - Servlet and JSP engine -- admin web applications
tomcat7-common - Servlet and JSP engine -- common files
tomcat7-docs - Servlet and JSP engine -- documentation
tomcat7-examples - Servlet and JSP engine -- example web applications
tomcat7-user - Servlet and JSP engine -- tools to create user instances
Closes: 864447
Changes:
tomcat7 (7.0.28-4+deb7u14) wheezy-security; urgency=high
.
* Team upload.
* Fix CVE-2017-5664.
The error page mechanism of the Java Servlet Specification requires that,
when an error occurs and an error page is configured for the error that
occurred, the original request and response are forwarded to the error
page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static file, expected
behaviour is to serve content of the file as if processing a GET request,
regardless of the actual HTTP method. The Default Servlet in Apache Tomcat
did not do this. Depending on the original request this could lead to
unexpected and undesirable results for static error pages including, if the
DefaultServlet is configured to permit writes, the replacement or removal
of the custom error page. (Closes: #864447)
Checksums-Sha1:
12563d105edc58624a25e8b108c57c3959db0a18 2799 tomcat7_7.0.28-4+deb7u14.dsc
a2a1464ff52e25bd39be3850466920c2a63285f6 194404 tomcat7_7.0.28-4+deb7u14.debian.tar.gz
187afb381243dc7299e6112b7c4ba236425f73f8 66952 tomcat7-common_7.0.28-4+deb7u14_all.deb
5ee6675f1064cba72c02b0c301963a4b04ad1811 54034 tomcat7_7.0.28-4+deb7u14_all.deb
b87429a36a5ec4ae426de708b3e0ef6b73a1901f 42304 tomcat7-user_7.0.28-4+deb7u14_all.deb
a2a8beab108ac8ff66f91a3d3562dd6e11e6e013 3510408 libtomcat7-java_7.0.28-4+deb7u14_all.deb
1a01c818369c174eeccdc422a6abcf2ed8459e30 308402 libservlet3.0-java_7.0.28-4+deb7u14_all.deb
db8522a0d1f7f58f072de34ed3e0f23d7f358443 322510 libservlet3.0-java-doc_7.0.28-4+deb7u14_all.deb
cc551ddc6deb5506186c3a9f6afc8348157c2acd 54902 tomcat7-admin_7.0.28-4+deb7u14_all.deb
0f654ca86a36a9fa034916475154d0ba106310e2 208622 tomcat7-examples_7.0.28-4+deb7u14_all.deb
86f86eed1d81131742fd2caf8d07c0622fb40a31 649618 tomcat7-docs_7.0.28-4+deb7u14_all.deb
Checksums-Sha256:
50596c6adc3fb16f40bc3900fe57b6abf97a61982d738873bc919904c619056d 2799 tomcat7_7.0.28-4+deb7u14.dsc
ba88ea4d31a4e8e77801fda3a4f07e890822dee89e78dc78be5fd8e5d3245193 194404 tomcat7_7.0.28-4+deb7u14.debian.tar.gz
557ec7418f375549f6040e0972ebcbd9d417eb85df624efe79ea696ec4f6c64f 66952 tomcat7-common_7.0.28-4+deb7u14_all.deb
4bdd84180e5aa89197759ba44b79f1526a89e43b97c33d3df4b99f6f79c9ed71 54034 tomcat7_7.0.28-4+deb7u14_all.deb
eb6bd9dc457c6abd95992335fd97f364f5de76a4b079e4e6728f2547de8e7525 42304 tomcat7-user_7.0.28-4+deb7u14_all.deb
2ae946b97d9407db3bb5bd3df4d7030c409db9b6259b671b4224743b43bfd13d 3510408 libtomcat7-java_7.0.28-4+deb7u14_all.deb
337f69254b844df33687cc48b9207aade790cebe58c588f48effdc3662bcfcac 308402 libservlet3.0-java_7.0.28-4+deb7u14_all.deb
06bf7d66e4bbeaadc660ac87e2b2c320011e820625f9bde3f27e459626868acc 322510 libservlet3.0-java-doc_7.0.28-4+deb7u14_all.deb
e0ce0bc257284932f824ef2934ed96274870b5ca87b724b9084cbada6d8fff40 54902 tomcat7-admin_7.0.28-4+deb7u14_all.deb
e84fd8069f4f5225dae6af31fa04abf7b58654fc8f8c6c304d893698e79cd31d 208622 tomcat7-examples_7.0.28-4+deb7u14_all.deb
567a48627aac057730021927c196991bae9a53c0281ce03d3a11b3933e7d86c7 649618 tomcat7-docs_7.0.28-4+deb7u14_all.deb
Files:
98f664be99b5d08f733ef6efebe3f65e 2799 java optional tomcat7_7.0.28-4+deb7u14.dsc
94c7854b12724a6b21c28f824c24c4c8 194404 java optional tomcat7_7.0.28-4+deb7u14.debian.tar.gz
7e502833cef1653cf59994fbdca958d0 66952 java optional tomcat7-common_7.0.28-4+deb7u14_all.deb
c0c1281730f706d9d0e4d65137005416 54034 java optional tomcat7_7.0.28-4+deb7u14_all.deb
8b94dab70c0af3b52a013a71b80975ca 42304 java optional tomcat7-user_7.0.28-4+deb7u14_all.deb
01b0ed8582a930c0727400c886a3929e 3510408 java optional libtomcat7-java_7.0.28-4+deb7u14_all.deb
41239f3552dd617d91930501d87f9efe 308402 java optional libservlet3.0-java_7.0.28-4+deb7u14_all.deb
b74753d08db5289d61a5d07cf9de570a 322510 doc optional libservlet3.0-java-doc_7.0.28-4+deb7u14_all.deb
88e1bba2822971aa5d24705bce08ff45 54902 java optional tomcat7-admin_7.0.28-4+deb7u14_all.deb
8108b15b8b0e8eb3c98f24e37d501dc0 208622 java optional tomcat7-examples_7.0.28-4+deb7u14_all.deb
b2047cdddb13c35c511e566acbb5ae40 649618 doc optional tomcat7-docs_7.0.28-4+deb7u14_all.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAllJi8JfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkq14QAJ3zKTNbKYla07PVG44TT13PNpR3/LqPQenT
qCe3j85CafVN2GUej2+c1o48M1rW31eyrTC9SaDpL1f0jmcFtHWudBk+mrIVJcsG
td9phtdxlo9y3NHXolVwkm+5Or5j9d6wTjytudK5VRKTWyWPwik6LB7Wip03jCDe
hE5EuUR3cRLlJGI9XbLSqdMQdjWJofnN0yco7zH1fu6gjRoA5F+AFp+fGbH8zdfs
1oRfgfO2Zsfc/8VsfBGtVJEsyGizElVx/sHubLFWgoabKW+IV9G7Qbso4y/YVi8U
bOdKHTUOgP5b8lLqwpst8hMJNB/wqks8366+100a7LnT2SCs1mQsNA2VAJP0snAN
4gZsAYZ6NrVB0Ro3maNORFPbwJpDG08gUZOZ7H41dYdFFyTMX5tu/UiArjh9oZ9E
1Gb6OVYx5gtIzVakBh8fwIa2B5zBSjp0ES/04FngPx7STB27rSoBXR5rBvDwDKjB
zlu1tgKMD7vx2ShJEJrHx/Qg1/GG3mgtOImozj7MrUKMiP6pmDuq8F4eXMgc2O0i
DQRqeDtABcigxcjht5efWMHi0XZjEkHo1eIXt/kq0N1io34Srz5zVlIL80vta3Qe
zQClHNPwapB+bcjIEFbQM23dWpgvuj44DIXzopSL4VO8qENumxMnDt0+qkN/G2yQ
fVzNiC1N
=HVqe
-----END PGP SIGNATURE-----