-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 13 Jun 2019 23:26:12 +0200
Source: tomcat9
Architecture: source
Version: 9.0.16-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebourg@apache.org>
Closes: 925928 925929 926319 929895
Changes:
 tomcat9 (9.0.16-4) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Emmanuel Bourg ]
   * Fixed CVE-2019-0221: The SSI printenv command echoes user provided data
     without escaping and is, therefore, vulnerable to XSS. SSI is disabled
     by default (Closes: #929895)
 .
   [ Thorsten Glaser ]
   * Remove -XX:+UseG1GC from standard JAVA_OPTS; the JRE chooses
     a suitable GC automatically anyway (Closes: #925928)
   * Correct the ownership and permissions on the log directory:
     group adm and setgid (Closes: #925929)
   * Make the startup script honour the (renamed) $SECURITY_MANAGER
   * debian/libexec/tomcat-locate-java.sh: Remove shebang and make
     not executable as this is only ever sourced (makes no sense otherwise)
 .
   [ Christian Hänsel ]
   * Restored the variable expansion in /etc/default/tomcat9 (Closes: #926319)
Checksums-Sha1:
 7894d90f36844414a224181e83312bd7c15b7e3b 2731 tomcat9_9.0.16-4.dsc
 2a6c85287daf3b2f7a1594050ca7b75595cb6eb1 33208 tomcat9_9.0.16-4.debian.tar.xz
 b77d468a565e2385449d63bf1bf127381d45d357 13520 tomcat9_9.0.16-4_source.buildinfo
Checksums-Sha256:
 9de699b8370663a7978b0cd3308f7d513d26cf75f97a22ff6f77fa0fc0f4108b 2731 tomcat9_9.0.16-4.dsc
 9aca7424210d8d81bce6542f4177d6fc6824a90d698083fe586268e0869b797d 33208 tomcat9_9.0.16-4.debian.tar.xz
 53d9af41679beedec6fc1759c88f1a08d00d5d5e4b8e545d5cf3cf2a69fa1548 13520 tomcat9_9.0.16-4_source.buildinfo
Files:
 7e72313577037a6ef165759567a12f92 2731 java optional tomcat9_9.0.16-4.dsc
 449c291a39acb3cd67c2d7c9ab3dcfe0 33208 java optional tomcat9_9.0.16-4.debian.tar.xz
 69fc94d44058a03afc694b3effd166e9 13520 java optional tomcat9_9.0.16-4_source.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----