Package: tomcat6
Severity: grave
Tags: security
Justification: user security hole
Please see http://tomcat.apache.org/security-6.html
Since Wheezy is frozen, please apply isolated security fixes and do not update
to a new upstream release.
BTW, is it really necessary to have both tomcat6 and
Package: tomcat7
Severity: grave
Tags: security
Justification: user security hole
Please see http://tomcat.apache.org/security-7.html
Since Wheezy is frozen, please apply isolated security fixes instead
of updating to a new upstream release.
Cheers,
Moritz
__
This is the maintainer
Package: commons-httpclient
Severity: important
Tags: security
Please see Section 7.5 of this paper:
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
This has been assigned CVE-2012-5783. I'm not sure if we can backport more
correct certificate validation to 3.x, but independent of that it might
Processing control commands:
notfound -1 2.8.0-5
Bug #656153 [jspwiki] jspwiki: postinst failure: chown: invalid user: `tomcat6'
No longer marked as found in versions jspwiki/2.8.0-5.
fixed -1 2.8.0-5
Bug #656153 [jspwiki] jspwiki: postinst failure: chown: invalid user: `tomcat6'
Marked as
Package: jspwiki
Version: 2.8.0-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
10.7.3:
5 matches
Mail list logo