Back to tomcat9 PTS page

Accepted tomcat9 9.0.31-1~deb10u1 (source all) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted tomcat9 9.0.31-1~deb10u1 (source all) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 09 May 2020 15:33:16 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1jXRTY-0006AJ-Nz@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 25 Apr 2020 14:24:56 +0200
Source: tomcat9
Binary: libtomcat9-embed-java libtomcat9-java tomcat9 tomcat9-admin tomcat9-common tomcat9-docs tomcat9-examples tomcat9-user
Architecture: source all
Version: 9.0.31-1~deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libtomcat9-embed-java - Apache Tomcat 9 - Servlet and JSP engine -- embed libraries
 libtomcat9-java - Apache Tomcat 9 - Servlet and JSP engine -- core libraries
 tomcat9    - Apache Tomcat 9 - Servlet and JSP engine
 tomcat9-admin - Apache Tomcat 9 - Servlet and JSP engine -- admin web application
 tomcat9-common - Apache Tomcat 9 - Servlet and JSP engine -- common files
 tomcat9-docs - Apache Tomcat 9 - Servlet and JSP engine -- documentation
 tomcat9-examples - Apache Tomcat 9 - Servlet and JSP engine -- example web applicati
 tomcat9-user - Apache Tomcat 9 - Servlet and JSP engine -- tools to create user
Changes:
 tomcat9 (9.0.31-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport 9.0.31-1 to Buster to fix CVE-2020-1938, CVE-2020-1935,
     CVE-2019-17569, CVE-2019-17563, CVE-2019-12418 and CVE-2019-10072.
     The fix for CVE-2020-1938 may require configuration changes when Tomcat is
     used with the AJP protocol, e.g. in combination with libapache-mod-jk. For
     instance the attribute secretRequired is set to true by default now. Server
     admins should carefully investigate the impact of the changes before
     upgrading.
     See also https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html
Checksums-Sha1:
 f18787a7af2ec42269afc7b6560e543d56ecf454 2889 tomcat9_9.0.31-1~deb10u1.dsc
 6dce5750da0a116b733f87b29bd896809d3926c9 3853428 tomcat9_9.0.31.orig.tar.xz
 b4d7e7d3a615e557d87bd9b5e670d94d14e8708c 33880 tomcat9_9.0.31-1~deb10u1.debian.tar.xz
 823c3935d93ace6301af7c1d7c546d5c43e092e4 4097436 libtomcat9-embed-java_9.0.31-1~deb10u1_all.deb
 aabf3c04b63026f0e678138a25b9b49162188b40 5844208 libtomcat9-java_9.0.31-1~deb10u1_all.deb
 5eb6a60d5b644603625d344c3e333f1e265b32f9 33480 tomcat9-admin_9.0.31-1~deb10u1_all.deb
 81bd6d470baf7acc785098be5b81a4062b01ee4b 68704 tomcat9-common_9.0.31-1~deb10u1_all.deb
 6855887d7530166ec969df0aca17c9aeb8129056 704680 tomcat9-docs_9.0.31-1~deb10u1_all.deb
 74b9a0100080794d9a6cc7fa1521295c9dc74f78 190572 tomcat9-examples_9.0.31-1~deb10u1_all.deb
 e3e8cdbef7445f37e10877999474e0c164c820c3 41628 tomcat9-user_9.0.31-1~deb10u1_all.deb
 834509aa2d4669574038f8df1c5083f4efdf1094 45352 tomcat9_9.0.31-1~deb10u1_all.deb
 0a9568b4f0059129d29ae0d413321e7be645d673 13742 tomcat9_9.0.31-1~deb10u1_amd64.buildinfo
Checksums-Sha256:
 257740f4ed15eda45a5149e44d9bca82cacc31fd08013334692fdabce6270ad0 2889 tomcat9_9.0.31-1~deb10u1.dsc
 d8d61755c7d670f44b58d5863a79b0f1e900c3a832d74d9b57d6bdc130bbd6c8 3853428 tomcat9_9.0.31.orig.tar.xz
 ad3f2fc89b20fd4c9a40fe432715389af79e90161d2eccabb9363c12ff9e0172 33880 tomcat9_9.0.31-1~deb10u1.debian.tar.xz
 249d6fcf6a012c1281e625880253374169b37d355ea37c1a158b748960e24abe 4097436 libtomcat9-embed-java_9.0.31-1~deb10u1_all.deb
 ff1d46c2c79cc6d18badd29bffb6e3c95e4903b3ec0caef9950f3a4efddf1435 5844208 libtomcat9-java_9.0.31-1~deb10u1_all.deb
 b2f63e60d406d9f7d4a42c4f579a61edc40858993f26053ddcd73d99c53482e8 33480 tomcat9-admin_9.0.31-1~deb10u1_all.deb
 7b10eb6fda4fcff020005e6b2290908c5eb49cf6e8795e3f59ba97f27222eb09 68704 tomcat9-common_9.0.31-1~deb10u1_all.deb
 a1e556e7144fc2ac7dc300a500b602008fb819d6b5a4c1ea9339ed4fd391f1b3 704680 tomcat9-docs_9.0.31-1~deb10u1_all.deb
 899f0c3fd06ad68633b68bcc6864bead1afe094b284a291c9bbf2f3edd30a2f5 190572 tomcat9-examples_9.0.31-1~deb10u1_all.deb
 4d50d8fab7cf8d537d52dae8dda1fd696b11ad17d874555bb8e221dffcfd323e 41628 tomcat9-user_9.0.31-1~deb10u1_all.deb
 5adaf7d516b3eb02bcc97fae509684594f3121a763736d1a0d67651fac0c57ee 45352 tomcat9_9.0.31-1~deb10u1_all.deb
 0da07e7af37a0f0a0da3dde2a688c949b6a4a251b1fbc8517ae2349009d3e1ea 13742 tomcat9_9.0.31-1~deb10u1_amd64.buildinfo
Files:
 ef4c4a3eb5287e4fb362d29d133e1ff9 2889 java optional tomcat9_9.0.31-1~deb10u1.dsc
 c6f454e03cfa1b203cc8784c7df39885 3853428 java optional tomcat9_9.0.31.orig.tar.xz
 9810b747442363bf1f42541a469120ed 33880 java optional tomcat9_9.0.31-1~deb10u1.debian.tar.xz
 3ad5f700b43f7b2b6ab0c7a33d03f916 4097436 java optional libtomcat9-embed-java_9.0.31-1~deb10u1_all.deb
 7e097ffa1f99b021c058ef6836124439 5844208 java optional libtomcat9-java_9.0.31-1~deb10u1_all.deb
 d0788b97fdf158192683ee8f0febb5f5 33480 java optional tomcat9-admin_9.0.31-1~deb10u1_all.deb
 311036fc3a8d867512c29c3ff3f33963 68704 java optional tomcat9-common_9.0.31-1~deb10u1_all.deb
 dbdba6339c413870863694dfb248114e 704680 doc optional tomcat9-docs_9.0.31-1~deb10u1_all.deb
 78ff128a03df23c1de2ea379474f045b 190572 java optional tomcat9-examples_9.0.31-1~deb10u1_all.deb
 fa6a709f1f7dc43b8d1d301518551e6b 41628 java optional tomcat9-user_9.0.31-1~deb10u1_all.deb
 a2c05210c78e855a39a41707599a5704 45352 java optional tomcat9_9.0.31-1~deb10u1_all.deb
 867064cfed192c058e2b1f076b284185 13742 java optional tomcat9_9.0.31-1~deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl6vOh9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk2/UQAKEaUTjqtAESGosKR2sxjnBcGJOHO7DvrTl1
KYGXyT8RsUOZJgM6rBxKjpOVZcH1md8MHT9opFhFOronrheqiB8fWjSWb2cr3ARC
LALUlnVu37CpW+hwoJFCNPXuQcSIbmAXQ2VAq5BVCvFgV3nYgWyPcYzPGv0MpSgL
uh0jRV+k7qEafE0jl43subyF1c6K2ihn9cUE7b6z8pBizAJ1V1g3on/ZB2TJCVbN
K3OoNKm9L3+bhfJiAlh8hpHb/ai03wCpaRkgpiYva9ZK4ytYEvGSEy90iaD7iPwY
8gCTDCpVL7u6KnjgxCvRNUV5aiWaLIdFzOv6l6oUNmInr4+1qca0HsYxZe/VMazG
KhRO6P9PPvA38yxGM+NLIC8TRMuvkpIGJS6uC+qgpid3bQojjVtXEZAfnaxrj3lI
+8sKqFtib15Dm1NghN/yWGr32q8CzKsnWYFum+VgZ9DeBfsjxOxA3bthgTpRDIH8
/gIof7oCEZ3PH9ZiClH4Tz4sMADIDCJQTV0lxAZ9IWOmn5+fo84d93Kz4sOogEDE
6ij9v2Ezhg0DJGSpnq6v0B4YvFNmSYXdfyus3mo9RQGfoqKd7rrG8S4wkDprzdKE
rC9tg86aaoE5WRPWqp58Wd7wZiJ1xnvNd1PcYyZYRk4SVhBtlBvwdGSUofQ/bY2V
8n5MJ536
=hemO
-----END PGP SIGNATURE-----