Package: tomcat6 Severity: important Tags: security Dear Tomcat maintainers,
AFAICS CVE-2010-1157 is still unfixed in sid: http://tomcat.apache.org/security-6.html We don't need to update Lenny, since the security impact is marginal. If you want to have it fixed in stable, you can still fix it through a point update. Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash __ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
