Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted tomcat9 9.0.31-1 (source) into unstable
Date: Tue, 25 Feb 2020 00:09:05 +0000
Signed by: Emmanuel Bourg <ebourg@apache.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 24 Feb 2020 23:37:00 +0100
Source: tomcat9
Architecture: source
Version: 9.0.31-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Emmanuel Bourg <ebourg@apache.org>
Closes: 930872 931997 942316 948553 952437
Changes:
 tomcat9 (9.0.31-1) unstable; urgency=medium
 .
   * New upstream release
     - Fixes CVE-2019-10072: Denial of Service (Closes: #930872)
     - Fixes CVE-2019-12418: Local Privilege Escalation
     - Fixes CVE-2019-17563: Session fixation attack
     - Fixes CVE-2019-17569: HTTP Request Smuggling
     - Fixes CVE-2020-1935: HTTP Request Smuggling
     - Fixes CVE-2020-1938: AJP Request Injection (Closes: #952437)
     - Fixes CATALINA_PID handling in catalina.sh (Closes: #948553)
     - Refreshed the patches
     - Fixed the compilation with Java 11
   * Moved the RequiresMountsFor directive in the service file
     to the Unit section (Closes: #942316)
   * Tightened the dependency on systemd (Closes: #931997)
   * Standards-Version updated to 4.5.0
Checksums-Sha1:
 3067a78fdc605df8ed8776bd5e7e25363fa78d78 2731 tomcat9_9.0.31-1.dsc
 6dce5750da0a116b733f87b29bd896809d3926c9 3853428 tomcat9_9.0.31.orig.tar.xz
 96e6d88a70bf95e00054891e42645f6b62a7e756 33316 tomcat9_9.0.31-1.debian.tar.xz
 42005f0789d4e749664ce523305efb1f1b680dbc 11806 tomcat9_9.0.31-1_source.buildinfo
Checksums-Sha256:
 c548143763f41e70bacf050ead17fc95154c6f3995afa1133395212b148fb011 2731 tomcat9_9.0.31-1.dsc
 d8d61755c7d670f44b58d5863a79b0f1e900c3a832d74d9b57d6bdc130bbd6c8 3853428 tomcat9_9.0.31.orig.tar.xz
 e0764ae086c179f4740991ab2f5a7f429a04129aa4b60a1fd666402bfefba988 33316 tomcat9_9.0.31-1.debian.tar.xz
 eaa234b6a85d9097f78d2036f90f1d0a5f22417011aabf1236365a9f0e6a6876 11806 tomcat9_9.0.31-1_source.buildinfo
Files:
 bc9f3977c0418632f00b34b9e5544903 2731 java optional tomcat9_9.0.31-1.dsc
 c6f454e03cfa1b203cc8784c7df39885 3853428 java optional tomcat9_9.0.31.orig.tar.xz
 72ece3547b64b011a1aaf6aecf36bb4d 33316 java optional tomcat9_9.0.31-1.debian.tar.xz
 10cb401e761ce959b61ff0e3dc8d0e9f 11806 java optional tomcat9_9.0.31-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEEuM5N4hCA3PkD4WxA9RPEGeS50KwFAl5UX7MSHGVib3VyZ0Bh
cGFjaGUub3JnAAoJEPUTxBnkudCsWVYP/RtW+lbQqcK9pkUy2eIXBQEXlzi8zhrJ
CIjRUgE92vkgAmytqqm7eqfjHg/aEgcH/L0HqRT5F9GWUGgZxJElSuiJKEtyc6j3
BXY2kqzk8xpV4neLKJ3TBjbWN6TigNRswsir5ouG3KaKzy/wIRdUdrnzYb1b8q34
yBE9TXS6z80aWL4UYxABvw+wuPjiu9A7tC3lFIqIZg6TTsVbHUv5Lb+zx/PN6M39
3zOstTL2d6UE8TVEnob+viWIXm6+SSrNYHJ9u0egdlrPVxKyGtZytqnnini0lqEQ
mHCLYJsuh0hjea2PvZmU5R6aC5UAVwXOYmdp8OuuFbGBwWHBirox8URv+gARGT3w
nqBwZzuX+0sbTWzmAWZDXZKM71qXoaY0FIkmt43Fi/MY3mcYTA4JI8989WJYLqEo
YiIugJ4l1PMUtrF63GcXpgeOEaTv0PZrKDTxlG3RYMsD6ilIKKq4iTfi4u/iMWHU
AaPKMcsXYWCgcmX1YiHtsZxuFwPa2l212SbNuGwuy8JCZPWsV/nRYZc0r171XoWH
fsHbQuZ5lV93qoCdAvpkvKkFXFUfK2J9YaFB1rcf+McRGODOqjKfQktnhGSpxksN
NNJmWUm2UaVRSlVpISLqnEpkAzjlxVmrXoRykSC63M8PNI/OGMRP5zfoCSLzotWH
KJLfskMTX0Vc
=VNMm
-----END PGP SIGNATURE-----
News for package tomcat9
