Bug#695250: tomcat6: CVE-2012-4534 CVE-2012-4431 CVE-2012-3546

On Thu, Dec 06, 2012 at 10:23:17PM -0800, tony mancill wrote: On 12/05/2012 11:43 PM, Moritz Muehlenhoff wrote: Package: tomcat6 Severity: grave Tags: security Justification: user security hole More Tomcat security issues have been disclosed:

Processing of axis_1.4-16.2_amd64.changes

axis_1.4-16.2_amd64.changes uploaded successfully to localhost along with the files: axis_1.4-16.2.dsc axis_1.4-16.2.debian.tar.gz libaxis-java_1.4-16.2_all.deb libaxis-java-doc_1.4-16.2_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This is

axis_1.4-16.2_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 6 Dec 2012 14:28:00 +0100 Source: axis Binary: libaxis-java libaxis-java-doc Architecture: source all Version: 1.4-16.2 Distribution: unstable Urgency: low Maintainer: Debian Java Maintainers

Bug#692650: marked as done (axis: CVE-2012-5784)

Your message dated Fri, 07 Dec 2012 09:32:45 + with message-id e1tguix-0006ae...@franck.debian.org and subject line Bug#692650: fixed in axis 1.4-16.2 has caused the Debian Bug report #692650, regarding axis: CVE-2012-5784 to be marked as done. This means that you claim that the problem has

Processing of commons-httpclient_3.1-10.2_amd64.changes

commons-httpclient_3.1-10.2_amd64.changes uploaded successfully to localhost along with the files: commons-httpclient_3.1-10.2.dsc commons-httpclient_3.1-10.2.debian.tar.gz libcommons-httpclient-java_3.1-10.2_all.deb libcommons-httpclient-java-doc_3.1-10.2_all.deb Greetings, Your

commons-httpclient_3.1-10.2_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 6 Dec 2012 14:28:00 +0100 Source: commons-httpclient Binary: libcommons-httpclient-java libcommons-httpclient-java-doc Architecture: source all Version: 3.1-10.2 Distribution: unstable Urgency: low Maintainer:

Bug#692442: marked as done (CVE-2012-5783: Insecure certificate validation)

Your message dated Fri, 07 Dec 2012 10:02:38 + with message-id e1tguls-ys...@franck.debian.org and subject line Bug#692442: fixed in commons-httpclient 3.1-10.2 has caused the Debian Bug report #692442, regarding CVE-2012-5783: Insecure certificate validation to be marked as done. This

libcsv-java 2.0-12 MIGRATED to testing

FYI: The status of the libcsv-java source package in Debian's testing distribution has changed. Previous version: 2.0-11 Current version: 2.0-12 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

Bug#687692: More info/testcase is needed

Hi, is there a test case to brake libitext-java (2.1.7-3)? There seem to be 4 classes which are using the ASN1ObjectIdentifier (mentioned in https://lists.debian.org/debian-java/2012/08/msg00030.html) although they can't be found explicitly in the corresponding java files. Grepping thorugh the

Processing of tomcat6_6.0.35-6_amd64.changes

tomcat6_6.0.35-6_amd64.changes uploaded successfully to localhost along with the files: tomcat6_6.0.35-6.dsc tomcat6_6.0.35-6.debian.tar.gz tomcat6-common_6.0.35-6_all.deb tomcat6_6.0.35-6_all.deb tomcat6-user_6.0.35-6_all.deb libtomcat6-java_6.0.35-6_all.deb

tomcat6_6.0.35-6_amd64.changes ACCEPTED into unstable

Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 06 Dec 2012 21:10:11 -0800 Source: tomcat6 Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.4-java libservlet2.5-java libservlet2.5-java-doc tomcat6-admin tomcat6-examples tomcat6-docs

Bug#695250: marked as done (tomcat6: CVE-2012-4534 CVE-2012-4431 CVE-2012-3546)

Your message dated Sat, 08 Dec 2012 04:47:40 + with message-id e1thckc-0006lu...@franck.debian.org and subject line Bug#695250: fixed in tomcat6 6.0.35-6 has caused the Debian Bug report #695250, regarding tomcat6: CVE-2012-4534 CVE-2012-4431 CVE-2012-3546 to be marked as done. This means

Bug#692440: marked as done (tomcat7: CVE-2012-2733 CVE-2012-3439)

Your message dated Sat, 08 Dec 2012 04:47:40 + with message-id e1thckc-0006lr...@franck.debian.org and subject line Bug#692440: fixed in tomcat6 6.0.35-6 has caused the Debian Bug report #692440, regarding tomcat7: CVE-2012-2733 CVE-2012-3439 to be marked as done. This means that you claim

Bug#695251: tomcat7: CVE-2012-4431 CVE-2012-4534 CVE-2012-3546

retitle 695251 tomcat7: CVE-2012-4431 CVE-2012-3546 thanks On 12/05/2012 11:49 PM, Moritz Muehlenhoff wrote: Package: tomcat7 Severity: grave Tags: security Justification: user security hole New security issues in Tomcat have been disclosed: http://tomcat.apache.org/security-7.html I am

Processed: Re: Bug#695251: tomcat7: CVE-2012-4431 CVE-2012-4534 CVE-2012-3546

Processing commands for cont...@bugs.debian.org: retitle 695251 tomcat7: CVE-2012-4431 CVE-2012-3546 Bug #695251 [tomcat7] tomcat7: CVE-2012-4431 CVE-2012-4534 CVE-2012-3546 Changed Bug title to 'tomcat7: CVE-2012-4431 CVE-2012-3546' from 'tomcat7: CVE-2012-4431 CVE-2012-4534 CVE-2012-3546'

Bug#693673: marked as done (triplea: New upstream release (1.6.1.2) available)

Your message dated Fri, 7 Dec 2012 21:48:02 -0800 with message-id CACZd_tBWejxLqAmjFaCavY23ycFoZN1NJRGxTjOiY61=wva...@mail.gmail.com and subject line Re: triplea: New upstream release (1.6.1.2) available has caused the Debian Bug report #693673, regarding triplea: New upstream release (1.6.1.2)

Processing of tomcat7_7.0.28-4_amd64.changes

tomcat7_7.0.28-4_amd64.changes uploaded successfully to localhost along with the files: tomcat7_7.0.28-4.dsc tomcat7_7.0.28-4.debian.tar.gz tomcat7-common_7.0.28-4_all.deb tomcat7_7.0.28-4_all.deb tomcat7-user_7.0.28-4_all.deb libtomcat7-java_7.0.28-4_all.deb