Thomas, thanks for the debdiff. I have published this now:
https://bugs.launchpad.net/ubuntu/+source/tomcat8/8.5.30-1ubuntu1.4
** Changed in: tomcat8 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscr
Thanks, I'm looking at this now.
** Changed in: tomcat8 (Ubuntu)
Status: New => In Progress
** Changed in: tomcat8 (Ubuntu)
Assignee: (unassigned) => Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu
The attachment "Fixes for CVE-2018-1336, CVE-2018-8034 and CVE-2018-8037
taken from svn.apache.org" seems to be a debdiff. The ubuntu-sponsors
team has been subscribed to the bug report so that they can review and
hopefully sponsor the debdiff. If the attachment isn't a patch, please
remove the "
I took the patches mentioned on
https://tomcat.apache.org/security-8.html and created a debdiff file.
Tomcat builds fine and starts.
I have never worked with debdiff files before. Can you please have a
look at it and give me some feedback?
Best regards,
Thomas
** Patch added: "Fixes for CVE-2018
Thank you for taking the time to report this bug and helping to make
Ubuntu better.
tomcat8 is in universe in 18.04, so it is dependent on the volunteers to
provide security fixes. Please see
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation if you can help
with this.
--
You received this b
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-1336
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-8034
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-8037
--
You received this bug notification because you are a member of Ubuntu
Bugs, whi
