Back to tomcat9 PTS page

Accepted tomcat9 9.0.31-1~deb10u12 (source) into oldoldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted tomcat9 9.0.31-1~deb10u12 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 05 Apr 2024 23:00:19 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: tomcat9_9.0.31-1~deb10u12_source.changes
Debian-source: tomcat9
Debian-suite: oldoldstable
Debian-version: 9.0.31-1~deb10u12
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=6fqV04BFsifMjGc7EgVXdo3mbXY7ud+4jBLd5XuAD4w=; b=l20MwBCD+KqIwzpYPq1kY/J699 3WfE7Ski8b/ndCbidUIFcvw9z/ZWR2b7q3H2qFqUOT4eHjTb6Xd/OL1FtOt6k/QeZAhAqeWgU6FYf AgBe0PlzYKiSWG5hQFdPuYy42N/IVNykWTF2PyruMSU2kmuaTc7pGvnzV/YbQrIkV7MBWTow9YN8p U7nIBZHVlv2KJaXw7JQjCR+RRpv+rSP+IXvW2JuGeN8VoPw7ajTK4tdTo6nLRrhaKhRyjgNxFPrvb DdnopBrNckAUDfV03IK4RpG5phb0MMubJKr2Vw0hn3Vmbuqp4yPoSNrOu3ZFCjXh9sTw7KmCMH8hG J2SXpYGA==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1rssXj-006FWI-Ld@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Apr 2024 12:14:58 +0200
Source: tomcat9
Architecture: source
Version: 9.0.31-1~deb10u12
Distribution: buster-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 tomcat9 (9.0.31-1~deb10u12) buster-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2024-24549:
     Denial of Service due to improper input validation vulnerability for
     HTTP/2. When processing an HTTP/2 request, if the request exceeded any of
     the configured limits for headers, the associated HTTP/2 stream was not
     reset until after all of the headers had been processed.
   * Fix CVE-2024-23672:
     Denial of Service via incomplete cleanup vulnerability. It was possible for
     WebSocket clients to keep WebSocket connections open leading to increased
     resource consumption.
Checksums-Sha1:
 be088b1770323710a17b4741d61b9af7e29db968 2893 tomcat9_9.0.31-1~deb10u12.dsc
 cb917fdf199d30d55c37715b83f7ae9671fc3a26 69020 tomcat9_9.0.31-1~deb10u12.debian.tar.xz
 b50835975eab92523c368c5850773cc0ce3889e6 11843 tomcat9_9.0.31-1~deb10u12_source.buildinfo
Checksums-Sha256:
 3616241e5b1b87228721a2ba482c0b1dbe0cd0c2d6d3de8b94c2daac5afee582 2893 tomcat9_9.0.31-1~deb10u12.dsc
 5a4951465b5c83b3a9130a51544192c88bffa3c4891241fa90bcbb657965b21c 69020 tomcat9_9.0.31-1~deb10u12.debian.tar.xz
 e4451a4f86a82fbf35ad314307f5740512ed3a8d986c5d86d69ce4f9f6de9773 11843 tomcat9_9.0.31-1~deb10u12_source.buildinfo
Files:
 0d46e26194ef507d46056dc5219267c2 2893 java optional tomcat9_9.0.31-1~deb10u12.dsc
 a45bb873efe0598811b3594f865cc5de 69020 java optional tomcat9_9.0.31-1~deb10u12.debian.tar.xz
 6f69fbf93c4a61bd094ffef62e79b77f 11843 java optional tomcat9_9.0.31-1~deb10u12_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYQfy9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkR0gQAJzdvbdUYm56xUFt6bu95kobxOZSSHywFQ22
FilsfFnCxddt2xLUj/D7V4B5fTAFyOQc0aG3os+Znlkx+5cG88wdJpGfqrCveIjJ
7PsZq+27fuz78lCkXGBXwgfdUGy9im2RMnNE2UTw8g8jN3jXZwfRA7QSPl/i3q0I
TSMypykZOM/jNCCn7hfZzU0qhGheOKPUEu39MK7RRPAJMNJ4r26h4zeV4Mm62A3j
b+eTQNRIa52HYAcNVKErKZmJ7o+QNWKESnCsvsPNg0fJqsqcFgavKwwU4qgu5IHK
a/cZA3AcYetiTT3EwTS1fU2MQx5LxCs7qJx798m7xsftrKX+cZLBbNYJgWxKIERi
y98q6nYk4JcyE1PN8urUmH860J7WFfd3+dcD1npiucoNy20du2WtwqFe2vg7zlWl
a+UrEiXgS3FS4dVdnAS/vp7jkeBG+Nx/myvBwV2rNDowtOF6hTR2ZoQ7V6RYP2cV
ZfnIx+apwdr+1imLCg2rdzQ2iiQ5wy0LOQ8CBrNX38TEr/NG76UfrHEOdmZaFb5X
vTMdYMJjCpGW582Tc4zeBHu1o9YpRFCX0QnZiTw3qIw651WeeQ/BbIl6e88yYVg9
CFc/P/0eIJOxzjYTatEd9UWYrDEopHHll1NPeLyE9iaa88EhP4VxIIjHlFgODHtg
Vco6aGkI
=DdfP
-----END PGP SIGNATURE-----

Attachment: pgpQwTO08Yysc.pgp
Description: PGP signature