This bug was fixed in the package tomcat7 - 7.0.35-1~exp2ubuntu1.1 --------------- tomcat7 (7.0.35-1~exp2ubuntu1.1) raring-security; urgency=low
* SECURITY UPDATE: information leak via AsyncListeners and RuntimeExceptions (LP: #1178645) - debian/patches/CVE-2013-2071.patch: catch RuntimeExceptions in java/org/apache/catalina/core/AsyncContextImpl.java, added tests to test/org/apache/catalina/core/TestAsyncContextImpl.java. - CVE-2013-2071 -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 21 May 2013 10:07:15 -0400 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat7 in Ubuntu. https://bugs.launchpad.net/bugs/1178645 Title: tomcat7 needs update to 7.0.40 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1178645/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs