Processing commands for cont...@bugs.debian.org:
> retitle 864405 undertow: CVE-2017-2666 CVE-2017-2670
Bug #864405 [src:undertow] undertow: CVE-2016-2666 CVE-2016-2670
Changed Bug title to 'undertow: CVE-2017-2666 CVE-2017-2670' from 'undertow:
CVE-2016-2666 CVE-2016-2670'.
> thanks
Stopping
retitle 864405 undertow: CVE-2016-2666 CVE-2016-2670
thx
Moritz Muehlenhoff wrote:
>
> There's no other reference that what Red Hat published here:
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
Also:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
Cheers,
Processing commands for cont...@bugs.debian.org:
> retitle 864405 undertow: CVE-2016-2666 CVE-2016-2670
Bug #864405 [src:undertow] CVE-2016-2666
Changed Bug title to 'undertow: CVE-2016-2666 CVE-2016-2670' from
'CVE-2016-2666'.
> thx
Unknown command or malformed arguments to command.
> Moritz
Am 08.06.2017 um 09:01 schrieb Moritz Mühlenhoff:
> retitle 864405 undertow: CVE-2016-2666 CVE-2016-2670
> thx
>
> Moritz Muehlenhoff wrote:
>>
>> There's no other reference that what Red Hat published here:
>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
>
> Also:
>
Source: undertow
Severity: grave
Tags: security
There's no other reference that what Red Hat published here:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
Upstream needs to be contacted or the patch pulled from their
update.
Cheers,
Moritz
__
This is the maintainer address
maven-bundle-plugin_2.5.4-3~bpo8+1_amd64.changes uploaded successfully to
localhost
along with the files:
maven-bundle-plugin_2.5.4-3~bpo8+1.dsc
maven-bundle-plugin_2.5.4-3~bpo8+1.debian.tar.xz
libmaven-bundle-plugin-java_2.5.4-3~bpo8+1_all.deb
testng_6.9.12-1~bpo8+1_amd64.changes uploaded successfully to localhost
along with the files:
testng_6.9.12-1~bpo8+1.dsc
testng_6.9.12-1~bpo8+1.debian.tar.xz
testng_6.9.12-1~bpo8+1_all.deb
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
This is the
Processing control commands:
> found -1 8.0.14-1
Bug #864447 [src:tomcat8] tomcat8: CVE-2017-5664: Security constrained bypass
in error page mechanism
Marked as found in versions tomcat8/8.0.14-1.
--
864447: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864447
Debian Bug Tracking System
Source: tomcat8
Version: 8.5.14-1
Severity: important
Tags: security patch upstream
Control: found -1 8.0.14-1
Hi,
the following vulnerability was published for tomcat8.
CVE-2017-5664[0]:
| The error page mechanism of the Java Servlet Specification requires
| that, when an error occurs and an
binary:testng is NEW.
binary:testng is NEW.
source:testng is NEW.
Your package has been put into the NEW queue, which requires manual action
from the ftpteam to process. The upload was otherwise valid (it had a good
OpenPGP signature and file hashes are valid), so please be patient.
Packages are
binary:libmaven-bundle-plugin-java is NEW.
binary:libmaven-bundle-plugin-java-doc is NEW.
binary:libmaven-bundle-plugin-java-doc is NEW.
binary:libmaven-bundle-plugin-java is NEW.
source:maven-bundle-plugin is NEW.
Your package has been put into the NEW queue, which requires manual action
from
Processing commands for cont...@bugs.debian.org:
> tag 864447 + pending
Bug #864447 [src:tomcat8] tomcat8: CVE-2017-5664: Security constrained bypass
in error page mechanism
Added tag(s) pending.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
864447:
tag 864447 + pending
thanks
Some bugs in the tomcat8 package are closed in revision
a1e2c41b37a81e5565357f8a39e1e06ee443404f in branch 'master' by
Emmanuel Bourg
The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-java/tomcat8.git/commit/?id=a1e2c41
Commit message:
Fixed
Your message dated Thu, 08 Jun 2017 21:08:08 +
with message-id
and subject line Bug#864447: fixed in tomcat8 8.5.14-2
has caused the Debian Bug report #864447,
regarding tomcat8: CVE-2017-5664: Security constrained bypass in error page
mechanism
to be
tomcat8_8.5.14-2_source.changes uploaded successfully to localhost
along with the files:
tomcat8_8.5.14-2.dsc
tomcat8_8.5.14-2.debian.tar.xz
tomcat8_8.5.14-2_source.buildinfo
Greetings,
Your Debian queue daemon (running on host usper.debian.org)
__
This is the maintainer address
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 08 Jun 2017 12:28:34 +0200
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java
libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin
tomcat8-examples tomcat8-docs
16 matches
Mail list logo