Accepted tomcat7 7.0.56-3+deb8u11 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 20 Jun 2017 20:10:32 +0200
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.56-3+deb8u11
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
libtomcat7-java - Servlet and JSP engine -- core libraries
tomcat7 - Servlet and JSP engine
tomcat7-admin - Servlet and JSP engine -- admin web applications
tomcat7-common - Servlet and JSP engine -- common files
tomcat7-docs - Servlet and JSP engine -- documentation
tomcat7-examples - Servlet and JSP engine -- example web applications
tomcat7-user - Servlet and JSP engine -- tools to create user instances
Closes: 864447
Changes:
tomcat7 (7.0.56-3+deb8u11) jessie-security; urgency=high
.
* Team upload.
* Fix CVE-2017-5664.
The error page mechanism of the Java Servlet Specification requires that,
when an error occurs and an error page is configured for the error that
occurred, the original request and response are forwarded to the error
page. This means that the request is presented to the error page with the
original HTTP method. If the error page is a static file, expected
behaviour is to serve content of the file as if processing a GET request,
regardless of the actual HTTP method. The Default Servlet in Apache Tomcat
did not do this. Depending on the original request this could lead to
unexpected and undesirable results for static error pages including, if the
DefaultServlet is configured to permit writes, the replacement or removal
of the custom error page. (Closes: #864447)
Checksums-Sha1:
939d4a334454dcf7f7f4c114f256a0afdef4923e 2929 tomcat7_7.0.56-3+deb8u11.dsc
61e081f1c2ba4daf7673fc55bffd4502c47d4661 96236 tomcat7_7.0.56-3+deb8u11.debian.tar.xz
c01869d335c98cf6f03c6aa7e0b45b41baed98a1 64496 tomcat7-common_7.0.56-3+deb8u11_all.deb
86433fabed4861cc2fa144360ed969e893452f94 53466 tomcat7_7.0.56-3+deb8u11_all.deb
1f1e6b8a75c8b69ae2281f84910d7840a30c51bb 40896 tomcat7-user_7.0.56-3+deb8u11_all.deb
bee90e719113503208526733525957ad36749df6 3633608 libtomcat7-java_7.0.56-3+deb8u11_all.deb
69cdb4a056b89df87fea2e0911d75ca938023d93 316844 libservlet3.0-java_7.0.56-3+deb8u11_all.deb
0eafbaaee0fbbb315b49ef73b06e65b268575a5e 207024 libservlet3.0-java-doc_7.0.56-3+deb8u11_all.deb
793b29b4fc00caaa5735e60b58b5b68956ac1e27 41882 tomcat7-admin_7.0.56-3+deb8u11_all.deb
24902e3366d3ba7f5320213e44f878e7dec8e6c3 199950 tomcat7-examples_7.0.56-3+deb8u11_all.deb
2f1a371274bf1751f6aa9f5ac148c20adeaf6eac 605998 tomcat7-docs_7.0.56-3+deb8u11_all.deb
Checksums-Sha256:
43d09ed416f64325de238e38754dc846a5a83268653d653569ac769a1d88c980 2929 tomcat7_7.0.56-3+deb8u11.dsc
75f5cc97f9619ca614f1a8b14d6d404639dad1da6355107c78998d708aae0a66 96236 tomcat7_7.0.56-3+deb8u11.debian.tar.xz
7cbdba90cb90b53de06dbf4fa4a3faa2db26c0eb043023c1bed19ba19eeddb06 64496 tomcat7-common_7.0.56-3+deb8u11_all.deb
8b02869403c7f0ff391b0c380b4c6a96f5076beafceaa36b056db6836ba0e367 53466 tomcat7_7.0.56-3+deb8u11_all.deb
f357ddff6ee36db7cf23aa9c606678996147fcae1cfec4aed5c48b95190e8441 40896 tomcat7-user_7.0.56-3+deb8u11_all.deb
9b43105fbbe9d881815c66a79ccd4feabe15f8dd90d691b78d52decf06d51733 3633608 libtomcat7-java_7.0.56-3+deb8u11_all.deb
e8326e6df4f68c5706be7181a9add071db17c9fdc0bdd4e251fa7dfcb28d92b6 316844 libservlet3.0-java_7.0.56-3+deb8u11_all.deb
1ab06d1470f469f54584f28324b14f44c67cbbe9b1de99fcd9cde41eadee157c 207024 libservlet3.0-java-doc_7.0.56-3+deb8u11_all.deb
5aaae5b92ac6bc7d91499c278aeb466cbf985f589698a62647bb7931849bece6 41882 tomcat7-admin_7.0.56-3+deb8u11_all.deb
33ac8b25c92f418d8cc030920b526fdf939dee3d6c80d495c815131b8aa8bfe2 199950 tomcat7-examples_7.0.56-3+deb8u11_all.deb
9a25c25d233bd08edd662af3efbfbd781a28192edefc71325bebb6ecdb8980d3 605998 tomcat7-docs_7.0.56-3+deb8u11_all.deb
Files:
717f5793bb4541887183d384b207df8a 2929 java optional tomcat7_7.0.56-3+deb8u11.dsc
f41f9cfa9566ff45cdd5770210232657 96236 java optional tomcat7_7.0.56-3+deb8u11.debian.tar.xz
e623e1773c6ad78ca8cdb78a0a0fb57d 64496 java optional tomcat7-common_7.0.56-3+deb8u11_all.deb
689ce1a74b0644ef3ec1eb493505cdba 53466 java optional tomcat7_7.0.56-3+deb8u11_all.deb
32f53491a5d2e47bec84d1038011ac02 40896 java optional tomcat7-user_7.0.56-3+deb8u11_all.deb
c87d3519c9a67bab96386cee121ab417 3633608 java optional libtomcat7-java_7.0.56-3+deb8u11_all.deb
364a6933ef97a89afe6342c66ccfe30e 316844 java optional libservlet3.0-java_7.0.56-3+deb8u11_all.deb
264526e5b2e90ab534b8a37681c2e95c 207024 doc optional libservlet3.0-java-doc_7.0.56-3+deb8u11_all.deb
bdcf862411c8d8371014a0147de2cfb2 41882 java optional tomcat7-admin_7.0.56-3+deb8u11_all.deb
4e3daaedfb565f4279fab71e92962835 199950 java optional tomcat7-examples_7.0.56-3+deb8u11_all.deb
53a84668ac5984cefd64fb3f48927638 605998 doc optional tomcat7-docs_7.0.56-3+deb8u11_all.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAllJaMZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkIecP/RMhXnq9qZE+iXSYQVVp/wxTGdMns5KY+xTE
akmgUXn2vGvlr0xO+zC7O4qypwPf5LDTJLq3KFHmmzqUKxCzWLqaKpKy22ln58rj
QmgDQRXItnt52ETcfazftSlFCxsXA2A4bKWvPBzuN9ERRiT64iTjHA9Ml7XmQdpT
fLi9ogmnYuQuD4xdAtWgmWE9VxMQMdK3EoFFGuuLdEjeEa1g60GGDImjTy9+4N4l
o7JDxzzlOR53s9XEk+45Sx5Fi3hf7A7oeJ1QZhFHguazBZQUDAlGpB4+dCrSwvS9
uMaymHqJHJA9+kNxQ+RqEfWhvYLIAqERIYH2WOzHMmiQ7MHX4P1kjiS2CHquHPkQ
STGj0VkdjFYIaEndeco15Zjc77G9R/DdWFHyAp2/jB2PSaZmA4gjWOvvXp+aS44E
JE52RiCc8TJdKL2ty8RyWo/FxFtuHNv3ykNN4qXak7bHeWvwC1160dZQUf/9m5HY
LssJJ3nXR8ejuVLNgj/IJUlRRWu5v7/yvdRb76DjoNQMeFV+EEVX4CSxiTJclAcP
TIWEqJJNeB1usnlA0ZdCap2notbPGVg9Kk0FBIH29b6O1DQDRm6GuavYxdR52clT
Y8dpmwYG5UUzrb8/Peb9675t6F5stbWZWqvk3K23QNWsb5Cdxk6Gh0Y45fUfQCjt
M7yQWxZo
=7xWr
-----END PGP SIGNATURE-----