Hello Moritz, I have uploaded the patched tomcat6 package to unstable and will now build for squeeze, which I will then upload to my p.d.o page for review.
One question first. There was one pending update already in SVN for the Brazilian debconf translation, which I included in the upload to unstable. Do you think it's acceptable to allow this to be included in upload for squeeze-security, or does that bit need to be excluded? (I'm trying to decide where to branch in the packaging repo.) Thank you, tony On 02/07/2011 12:00 AM, Moritz Muehlenhoff wrote: > Package: tomcat6 > Version: Three Tomcat vulnerabilities > Severity: grave > Tags: security > > CVE-2011-0534, CVE-2011-0013 and CVE-2010-3718 need to be > fixed in squeeze-security and unstable: > > http://tomcat.apache.org/security-6.html > > Cheers,
signature.asc
Description: OpenPGP digital signature
