-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 14 Sep 2016 10:56:45 +0200 Source: tomcat7 Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs Architecture: source all Version: 7.0.70-3 Distribution: unstable Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebo...@apache.org> Description: libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation libtomcat7-java - Servlet and JSP engine -- core libraries tomcat7 - Servlet and JSP engine tomcat7-admin - Servlet and JSP engine -- admin web applications tomcat7-common - Servlet and JSP engine -- common files tomcat7-docs - Servlet and JSP engine -- documentation tomcat7-examples - Servlet and JSP engine -- example web applications tomcat7-user - Servlet and JSP engine -- tools to create user instances Changes: tomcat7 (7.0.70-3) unstable; urgency=high . * Team upload. * Fixed CVE-2016-1240: A flaw in the init.d startup script allows local attackers who have gained access to the server in the context of the tomcat user through a vulnerability in a web application to replace the catalina.out file with a symlink to an arbitrary file on the system, potentially leading to a root privilege escalation. Thanks to Dawid Golunski for the report. Checksums-Sha1: d84de9acb43233639df68119b65b787a112eb85c 2791 tomcat7_7.0.70-3.dsc ff14980db36c8f535830a22b55602926ef031b55 66924 tomcat7_7.0.70-3.debian.tar.xz 8c1d153a572d31efc050aabc34d81ab4ea343d76 194160 libservlet3.0-java-doc_7.0.70-3_all.deb 5a0cec06e2894f1b5997396b1f1b9b72208a7c75 314058 libservlet3.0-java_7.0.70-3_all.deb 9d9c9ebfd2247718e7726e545f54925fa7746ebf 3742776 libtomcat7-java_7.0.70-3_all.deb 76fba0031ea67595d9a5abdf0240705f7eb0a68d 39452 tomcat7-admin_7.0.70-3_all.deb 49521e317dc49600df6b317d369e120e4860b172 280712 tomcat7-common_7.0.70-3_all.deb 7efb6a8808d1514d0145d0ee0d802697826c856e 649442 tomcat7-docs_7.0.70-3_all.deb 63b9b7c8d763849799661f4da76c1f2e1ef27e28 195978 tomcat7-examples_7.0.70-3_all.deb d3ee0f982d98e44c9b6d541fb05c508a0ea81ea3 39482 tomcat7-user_7.0.70-3_all.deb ba3c01707117756bc1be4be043ed68ff29b7b32e 51052 tomcat7_7.0.70-3_all.deb Checksums-Sha256: b0b233c560f712763c7aba44cba773ba7bae1d6b947c366fdbadff12d2d1c4ce 2791 tomcat7_7.0.70-3.dsc 72d8db3b624d8e46d10f770a2e0f7987a98517e44e2c819aa199ba20dae8e7b2 66924 tomcat7_7.0.70-3.debian.tar.xz 7635d56e3ea6cac37898612f855d5887de074edeb332d3ba1ead6db6b2b67e26 194160 libservlet3.0-java-doc_7.0.70-3_all.deb 19118434470d5c039de1b73a60617ad01e978dcc5fd0acc90aa373b26b300dba 314058 libservlet3.0-java_7.0.70-3_all.deb 81cbcdd7586f05f67b5564e1e985c5d27eaa99b41987b1fcbfe6908a49a67359 3742776 libtomcat7-java_7.0.70-3_all.deb c750fdf369d55be6c020006182b25ee7d2dcecd42be1db27687930e53113cd41 39452 tomcat7-admin_7.0.70-3_all.deb 9f270efa7d88c9ec777b25929e79511d397c643fbb8bd7cc724d62f79fe688b3 280712 tomcat7-common_7.0.70-3_all.deb d103dbee859f96523e34368fea5ba4c72ba7035d8db5e164e2227ca6468fa8f4 649442 tomcat7-docs_7.0.70-3_all.deb 661671ad70a32f0ab925a04f4c78bbae8329295690dd122c352eac62b7db1f81 195978 tomcat7-examples_7.0.70-3_all.deb 88b7ceb950c5a8c2e3df84c17cb8b48db0013c1fd463b0d8e5caebd1a09884d0 39482 tomcat7-user_7.0.70-3_all.deb 36883fba3f2f3e33e65f989771db97d3161318a913ef3abc56a1a8eb1b003af9 51052 tomcat7_7.0.70-3_all.deb Files: f0e27afedd2b1ad188176cc6f1fbf478 2791 java optional tomcat7_7.0.70-3.dsc fc79892ca759e672d228c7cb51ae153d 66924 java optional tomcat7_7.0.70-3.debian.tar.xz 3b30386cfeaf3828a3b80809fdd87b6e 194160 doc optional libservlet3.0-java-doc_7.0.70-3_all.deb 824ac69735401ac2cbf6d641cb6ee0e3 314058 java optional libservlet3.0-java_7.0.70-3_all.deb 812f295e76d390e7c5396f033102d8c4 3742776 java optional libtomcat7-java_7.0.70-3_all.deb db0a1d48f47879c472454f151bcc7793 39452 java optional tomcat7-admin_7.0.70-3_all.deb 5aa51185c69a02d8c8bcbcc6e9a2d098 280712 java optional tomcat7-common_7.0.70-3_all.deb 9fe59ded38c9b31448aba3809a75a034 649442 doc optional tomcat7-docs_7.0.70-3_all.deb 9049b5d6acb384e3febf652bd9bd13cd 195978 java optional tomcat7-examples_7.0.70-3_all.deb 6ba913666773b409b5d16a36d5754c38 39482 java optional tomcat7-user_7.0.70-3_all.deb d67eeed63c58962fe224fe409d18e270 51052 java optional tomcat7_7.0.70-3_all.deb
-----BEGIN PGP SIGNATURE----- iQIbBAEBCAAGBQJX2RFKAAoJEPUTxBnkudCsYT8P+MF9hUH6+eXIYeB6tJRYyFCC V3vLuU3BNn5xUilk4om8BoExb3544dOqDxM2wZFbkqmx2A48csREKe9ZODJqt4Ne 7RGgCKG9ANbt56t/qRuvKjf37zPVVexLepYCqYvwLNBFsMEikQp3HN9JhNNsSIVM SshDMLA6qg9Zn14HrEi11nsrQucgvqphWnljwZQ8cjhWSoGDRI/qn8xMENd56op0 vHV65g0Z2e+TVfSO6iAvT39Vj7gL5YEMfBjBr1hGTyG5TiVp8vGra9YpvCi/FG3d gt/PY4I40Wtmie6jSTTMRDuK7f46YpZHy1kkmufvUnxwlxOtyQ5UVGqcX8Ju4pV6 OqGgi1TQVOcuIiplkLuCQUS8mV1w0u3NXnRW5VUpy0fv5Y/Z/0OS3g+vZnLJ0z9u 24rNgVa9eGp6E3GONnPcaf3P1LRrwjXVXYVUQ3zOzI6OuOhB8hwXDFVlogIHtA5i SsNdOiwZdUTP0wyTudg2AUWF/oWCiZvm61vCNnD2OvhrcodBUTj2uyRWYj/bJxiI /BFvnUwfzgykyR4MsXexZLkXuBo8vDqhmZlQIfBLRG/sry5AQquhn8PHSKdtT5no SO13MmR/Fk/sZcKFDIV9+omoAi4Eeam5jFxTak0lyEZx2xyOyQpR0k8Otw4oEk0L Sa9UIGuZBc1JY0DGos8= =rxqv -----END PGP SIGNATURE-----