Your message dated Mon, 03 Aug 2009 13:17:52 +0200
with message-id <[email protected]>
and subject line closing bugs in tomcat5
has caused the Debian Bug report #427712,
regarding Possible security vulnerability in tomcat4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
427712: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427712
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tomcat4
Version: 4.1.31-3
Hi,
According to this...
http://www.frsirt.com/english/advisories/2007/1729
...upstream versions of tomcat 4 prior to 4.1.36 have vulnerabilities
that can allow someone to "bypass security restrictions or execute
arbitrary scripting code". Do these apply to tomcat4 in Sarge? If so,
will a fixed debian package be released?
--
-Mike Horansky, ITSS/Unix Systems and Applications
[email protected]
OPINIONS EXPRESSED BY ME ARE NOT NECESSARILY SHARED BY MY EMPLOYERS.
--- End Message ---
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
tomcat5 has been removed from Debian. This bug does not apply to
tomcat5.5 or tomcat6, or has already been reported or fixed there, so
I'm closing it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkp2x2AACgkQXjXn6TzcAQkSNgCgkow5fbA2C+YIQ8Gqssma9web
2poAn25kEBL4V63t+rdrk6zAg62LvypC
=jSjY
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
pkg-java-maintainers mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
