Package: tomcat7
Severity: important
Tags: security
Three security issues were reported in tomcat today:
http://tomcat.apache.org/security-7.html
CVE-2013-2067 and CVE-2012-3544 were made public today, but already fixed in
past
releases. Hence, in comparison to stable/oldstable sid is already fixed.
Note that CVE-2013-2067 and CVE-2012-3544 also affect tomcat6. tomcat6 should
be removed now that wheezy is released.
Cheers,
Moritz
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
debian-j...@lists.debian.org for discussions and questions.
