Your message dated Thu, 07 Jul 2011 05:33:20 +0000
with message-id <e1qehde-0006tm...@franck.debian.org>
and subject line Bug#632882: fixed in tomcat7 7.0.16-3
has caused the Debian Bug report #632882,
regarding CVE-2011-2204
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
632882: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632882
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tomcat6
Severity: grave
Tags: security
(Also applies to Tomcat 5.5 and Tomcat 6)
Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
This doesn't warrant a DSA, but could be fixed through a point
update.
Cheers,
Moritz
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.39-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: tomcat7
Source-Version: 7.0.16-3
We believe that the bug you reported is fixed in the latest version of
tomcat7, which is due to be installed in the Debian FTP archive:
libservlet3.0-java-doc_7.0.16-3_all.deb
to main/t/tomcat7/libservlet3.0-java-doc_7.0.16-3_all.deb
libservlet3.0-java_7.0.16-3_all.deb
to main/t/tomcat7/libservlet3.0-java_7.0.16-3_all.deb
libtomcat7-java_7.0.16-3_all.deb
to main/t/tomcat7/libtomcat7-java_7.0.16-3_all.deb
tomcat7-admin_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7-admin_7.0.16-3_all.deb
tomcat7-common_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7-common_7.0.16-3_all.deb
tomcat7-docs_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7-docs_7.0.16-3_all.deb
tomcat7-examples_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7-examples_7.0.16-3_all.deb
tomcat7-user_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7-user_7.0.16-3_all.deb
tomcat7_7.0.16-3.debian.tar.gz
to main/t/tomcat7/tomcat7_7.0.16-3.debian.tar.gz
tomcat7_7.0.16-3.dsc
to main/t/tomcat7/tomcat7_7.0.16-3.dsc
tomcat7_7.0.16-3_all.deb
to main/t/tomcat7/tomcat7_7.0.16-3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 632...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
tony mancill <tmanc...@debian.org> (supplier of updated tomcat7 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 06 Jul 2011 21:55:39 -0700
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java
libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.16-3
Distribution: unstable
Urgency: low
Maintainer: Debian Java Maintainers
<pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: tony mancill <tmanc...@debian.org>
Description:
libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
libtomcat7-java - Servlet and JSP engine -- core libraries
tomcat7 - Servlet and JSP engine
tomcat7-admin - Servlet and JSP engine -- admin web applications
tomcat7-common - Servlet and JSP engine -- common files
tomcat7-docs - Servlet and JSP engine -- documentation
tomcat7-examples - Servlet and JSP engine -- example web applications
tomcat7-user - Servlet and JSP engine -- tools to create user instances
Closes: 632882
Changes:
tomcat7 (7.0.16-3) unstable; urgency=low
.
* Team upload.
* Correct Suggests: for libtcnative-1 (tomcat-native)
* Add patch for CVE-2011-2204 (Closes: #632882)
Checksums-Sha1:
b432d6eeb34e647aaa34d13340101129846921be 2166 tomcat7_7.0.16-3.dsc
f96fd73f9d47f70ba08503f58d9bce75d6ddc533 41120 tomcat7_7.0.16-3.debian.tar.gz
4aff3274b9d13aee71bde0e0bb7bf431e78012fb 52350 tomcat7-common_7.0.16-3_all.deb
571cbed27b052859c76225292f8b329b975c896c 45610 tomcat7_7.0.16-3_all.deb
3c24182ffc3ad24424415249fb880e385cf2a972 35414 tomcat7-user_7.0.16-3_all.deb
b8dcfe200d85acad4e4981bace888402922fcc7f 3349220
libtomcat7-java_7.0.16-3_all.deb
dcbdd481d7be96c822362f7a769f78face4aa39e 299112
libservlet3.0-java_7.0.16-3_all.deb
74f0e576da5e71bf15f7fcd1e7da7eb7b3f1ed9d 299424
libservlet3.0-java-doc_7.0.16-3_all.deb
20f6c71ee73072cf926182858a1b38a375fa2fd7 48160 tomcat7-admin_7.0.16-3_all.deb
b2c4c30436bb719aace9b604c8dc4fa3bd95e158 179934
tomcat7-examples_7.0.16-3_all.deb
53992b94bfe1cb6bb5312e0f8022f99209443306 577940 tomcat7-docs_7.0.16-3_all.deb
Checksums-Sha256:
9acf92c63278a667105e5024822ada1e558d5165058ad438fe1d45a6f3e312ac 2166
tomcat7_7.0.16-3.dsc
969e66360771b344b419809b0dfec09826469d38f0359dc5312d0f0adb9827e3 41120
tomcat7_7.0.16-3.debian.tar.gz
9d17f777512ff426cee60e5de235d0103a68ae26d13fc0770facc18b6d003676 52350
tomcat7-common_7.0.16-3_all.deb
70144954a05904b68c19652409fdd2eed5fe49104458744afedb2a75dad62eb3 45610
tomcat7_7.0.16-3_all.deb
7cad340ff8484ecef225fc7c80646d09c4e54c88ca4d86418107df9101fb1b7f 35414
tomcat7-user_7.0.16-3_all.deb
0efefda0db5f91192b5cf86547da5a83e23689ffecf20e0c29baca67ba655e4c 3349220
libtomcat7-java_7.0.16-3_all.deb
eddab6549ade4040fe28b99ab4bd06b53e10b854e659c2aef1f3aea31cba1bd6 299112
libservlet3.0-java_7.0.16-3_all.deb
824cfef2d55f96cb1ab0579b320961a53b0d7477b9aa805c59d068f4ef2861a5 299424
libservlet3.0-java-doc_7.0.16-3_all.deb
9cb1b1dedc13e98ea2038434cf3970c1103583ba12710d26b61f2dfa78e927a3 48160
tomcat7-admin_7.0.16-3_all.deb
1d405cbf13d8a332848c2052ec2d5001492e5ad4c7acd016491ffd88d486ad49 179934
tomcat7-examples_7.0.16-3_all.deb
a9f472b074a7cf61b6f8ca3bb0c4d15a77627f07e556e7126037080c18c9607e 577940
tomcat7-docs_7.0.16-3_all.deb
Files:
873c02e052d65b8a5bdd6bb4de52405c 2166 java optional tomcat7_7.0.16-3.dsc
5de2abba9841b1d2fbc0c50f6f1e199b 41120 java optional
tomcat7_7.0.16-3.debian.tar.gz
a5226410d02ec4d0c16cb442a57290ea 52350 java optional
tomcat7-common_7.0.16-3_all.deb
1e1e9df8b71c54e52d18dbea8bc171bb 45610 java optional tomcat7_7.0.16-3_all.deb
012ef54f62fa378e2ea1995b6d372a0e 35414 java optional
tomcat7-user_7.0.16-3_all.deb
52dac18dc0e6e6e20e52225d9da29ad4 3349220 java optional
libtomcat7-java_7.0.16-3_all.deb
e2be5384211c6b91fbd1a8b2e895180b 299112 java optional
libservlet3.0-java_7.0.16-3_all.deb
51330a78d4958f4083b4b8c6877566b9 299424 doc optional
libservlet3.0-java-doc_7.0.16-3_all.deb
b016e31a5e1d8768f794e0598793b947 48160 java optional
tomcat7-admin_7.0.16-3_all.deb
06f483bf2a60774d48960306682654fd 179934 java optional
tomcat7-examples_7.0.16-3_all.deb
f0c5a38b6870afc3442109825498feeb 577940 doc optional
tomcat7-docs_7.0.16-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBAgAGBQJOFULYAAoJECHSBYmXSz6We80P/0gaeO/tR3MIrED+LdS8BrLZ
pUJuPePH9x3I9UzPBkUbM0Pl8xGkwN+gBYa7Iyqyr8PocJz1pcBHALQ6DViNXv9R
0msgsh095plMdzY/x7CqMfsQYNV1cSvShFSF6RvtFbD6pdS6wkhQCDQ+1wRU8bRf
4YP7EcB9qbBQI6B8frWggL36CA4iagG+vgkL5ITpRUFpQT08D2gUntFWisGeWeDA
ibH7lR9u3tDhI4q0oWD+yuMsHpVSCRgJ4JHDXktWpdtoy4iFf6x+GUpCpCYi13Ll
x1644wY3BXO1FhYAaG9MRCHXraXTg/YyEoRbT4qamLFMivYUg57xeSuKSsLU9RA4
XuC1jN3sEYP/YTgRVJZiJKOpScRrV75NF7k4zq7VRoE3TkOsXQ7TQkIh1fewBiDT
2tGuAU0cT3Tz71LG38SLK8bam44nNxedNvQKrP1OdxUmSD3c60Bvlzexmrg7Jpkr
4uzvy7tOL7sTTS+9EoqnPk2sn1qIvLCT66azADL3roXvjeKqdY6sN8CQhSx4jXz4
bvLorhsppdSaC9lN3RYTKHxOIjWWwA+1DILe8YE+HGBuutmRgFaWOZUeE8QjAXhg
G81CPNMxrhWZdsYeb9f3aBmvh99EQUBdaxPQLiWTDmJhEWQkB6lCUNurmi9gr8xO
n7gX32MI8KbI1odwjFoC
=hgj7
-----END PGP SIGNATURE-----
--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
debian-j...@lists.debian.org for discussions and questions.
