-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 May 2020 15:51:17 +0100 Source: tomcat7 Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs Architecture: source all Version: 7.0.56-3+really7.0.100-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation libtomcat7-java - Servlet and JSP engine -- core libraries tomcat7 - Servlet and JSP engine tomcat7-admin - Servlet and JSP engine -- admin web applications tomcat7-common - Servlet and JSP engine -- common files tomcat7-docs - Servlet and JSP engine -- documentation tomcat7-examples - Servlet and JSP engine -- example web applications tomcat7-user - Servlet and JSP engine -- tools to create user instances Closes: 961209 Changes: tomcat7 (7.0.56-3+really7.0.100-1+deb8u1) jessie-security; urgency=high . * CVE-2020-9484: Prevent a potential remote code execution via deserialization of a file on the server. (Closes: #961209) Checksums-Sha1: de1c6e2b19956eda77b55d0e3e1cb6e5670481d8 2910 tomcat7_7.0.56-3+really7.0.100-1+deb8u1.dsc d699b8e107cee9ece80f051cc4cbc521ba49ffa7 3426752 tomcat7_7.0.56-3+really7.0.100.orig.tar.xz 4e259dcb80ebbf94fe0cea8759f40df8b3f03636 54344 tomcat7_7.0.56-3+really7.0.100-1+deb8u1.debian.tar.xz 474d40814b2c69d10443e0fda03f91a190718f7f 299898 tomcat7-common_7.0.56-3+really7.0.100-1+deb8u1_all.deb d02fdb852a1a3eba3a14c4a97494ca73974f9f16 56646 tomcat7_7.0.56-3+really7.0.100-1+deb8u1_all.deb 52dab4d4d0b4ab8b657621e04e1886465e657d2e 44148 tomcat7-user_7.0.56-3+really7.0.100-1+deb8u1_all.deb 35156f804679286cd8a91e4e6be582f754eb8467 4028428 libtomcat7-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb 2eeb158d339e727869cc11c0cfdf743ce2b98b1e 319218 libservlet3.0-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb c5a06b1bcb985670415ee080022e796d04476170 212874 libservlet3.0-java-doc_7.0.56-3+really7.0.100-1+deb8u1_all.deb 77a93b31ad69b9d13e5edfadb715e92b1753a909 40386 tomcat7-admin_7.0.56-3+really7.0.100-1+deb8u1_all.deb d0966e03c014f7c2d3913bcd77cf25c3d9a92331 203798 tomcat7-examples_7.0.56-3+really7.0.100-1+deb8u1_all.deb 9f8fa535d1538ad02865c8a05f48441a9821bffa 704070 tomcat7-docs_7.0.56-3+really7.0.100-1+deb8u1_all.deb Checksums-Sha256: 9fcdf01010cb73fda39dcc351356c8b6a559afea1ae81fe1214b92120f4e3589 2910 tomcat7_7.0.56-3+really7.0.100-1+deb8u1.dsc 74f261e8b5f5644865e8044e56826779e53227a5fea05c444b8bdaeb2310752d 3426752 tomcat7_7.0.56-3+really7.0.100.orig.tar.xz f694e4c22b748416868816f09ac81827fdafe961341f35ff401edd70cf2aec4f 54344 tomcat7_7.0.56-3+really7.0.100-1+deb8u1.debian.tar.xz a39235a3646e488f4bc8371475f4a290dd7a77e5b726b4deedb6b732037cba8e 299898 tomcat7-common_7.0.56-3+really7.0.100-1+deb8u1_all.deb 6fe58efe3105ef5b5a05579313860c8a729c4d74dd361b0d685b8bdf28fb2255 56646 tomcat7_7.0.56-3+really7.0.100-1+deb8u1_all.deb 671127aefd34f5a334cbf1a7973baa03c6bccc4c6f2918f194387ecdd3eecdfd 44148 tomcat7-user_7.0.56-3+really7.0.100-1+deb8u1_all.deb 6a8257881bf041fbaaca8908477e9755a4478832db18cabe03c3053cda01dba0 4028428 libtomcat7-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb 3a701e587ddb68be590ca7f422271f45e58041078c83f0240a40b859773d9e22 319218 libservlet3.0-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb 3b58c6f352a74d5c8f1ed32951e5015c2372293cf9edd0acca7a97ee55318eb4 212874 libservlet3.0-java-doc_7.0.56-3+really7.0.100-1+deb8u1_all.deb 9b7cec7e47a85a96c61c023848ff4e18ef93da44836b657a23518e88408955e0 40386 tomcat7-admin_7.0.56-3+really7.0.100-1+deb8u1_all.deb 93b607604b42157810d2bba2817e8bac3d252242c59eb4bf6f1de128b2111cd7 203798 tomcat7-examples_7.0.56-3+really7.0.100-1+deb8u1_all.deb 63bd1b37afdac7ffe0e6aa2ebb9615fd27e94eac4121a88294c55037b256a36d 704070 tomcat7-docs_7.0.56-3+really7.0.100-1+deb8u1_all.deb Files: 36252ed374bc2eed1d9c93d27de836ce 2910 java optional tomcat7_7.0.56-3+really7.0.100-1+deb8u1.dsc 0efc258afb43cbb86cbb808956fc8121 3426752 java optional tomcat7_7.0.56-3+really7.0.100.orig.tar.xz ab116c6e65a4d9422654de51c37aca57 54344 java optional tomcat7_7.0.56-3+really7.0.100-1+deb8u1.debian.tar.xz 6526f0d51d9cc270da20bdddecccc7e7 299898 java optional tomcat7-common_7.0.56-3+really7.0.100-1+deb8u1_all.deb c3f7ee21e716a45644ec383e3c6319db 56646 java optional tomcat7_7.0.56-3+really7.0.100-1+deb8u1_all.deb 826418b9a83aaafa1b38d2fbc03c3181 44148 java optional tomcat7-user_7.0.56-3+really7.0.100-1+deb8u1_all.deb a223c942a06af3808f0aad4539476add 4028428 java optional libtomcat7-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb 27bb58b39550575759052c1193281fba 319218 java optional libservlet3.0-java_7.0.56-3+really7.0.100-1+deb8u1_all.deb b8755f068ad1190a64e8ef3084939332 212874 doc optional libservlet3.0-java-doc_7.0.56-3+really7.0.100-1+deb8u1_all.deb ef3272ee1bbb03b202331ee7a8ab3fa7 40386 java optional tomcat7-admin_7.0.56-3+really7.0.100-1+deb8u1_all.deb 9e7b72b9a0d19754d588ae04dc714553 203798 java optional tomcat7-examples_7.0.56-3+really7.0.100-1+deb8u1_all.deb a1759743a00daf83c0ce8a9325a2f3d9 704070 doc optional tomcat7-docs_7.0.56-3+really7.0.100-1+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7JXI0ACgkQHpU+J9Qx HljLpxAAmWNgYFMZCCTGeXZU/x0sBMZDwWFb9apRFjDuXHqUkaVPnuMOreRUrdO+ g5luBGXN+6Ht0nkn8aZk1tKTqrZYY+G28vO3WF2EczFLR84HKjp67prnGB+OlzTz WFQ+gnic6vD3f11uaF5v1/eJU70PkC1MhNUyngLm3v/tceMEJSbYMzuKwcFuY6pP 9tW3Tf9Uun0UiL1wEJS2lpKxV9pJciB2vTpcAH4jgyRJXMS94DFYoUx1RvJ1lE7J CSS+n8dONOhpqBp+hRWXHOoe3NMDm3KuPx/NnUtuoE5+UjY+NLYdL6YZopa8QEFB dcuO9L6EGQ35iwYidfX8rEiVxhCN9curaqfTojJGnZKMxI2Qzvfgo4/1W2Pf1Pry XxBnjmL/MADs3I7CG/6HEFr7bJZ4BlAG+KNk9OVMV6Kwjq2Ihh/KX+jsauyljt6Z vAGbgHyNKAa+ALal2cltvHLeoqU7C88rnsmAJpm7qCOsQNMrtadmcim57Y3ylE3s KjnIoILnb4y9Pyff0bzZantiC7iQEYtIB+9NzPT9Pv8AYIz/Zi20Di1ZnI9bupBH yF1ZvrB60gxa94YJk2b7ZouWnqAPwaRpAMM64ujr/fqPmaQII9Bm0rjp6SAGeHCN l1dHua1Zwft/VgAWaQaPfFPgFRBPN2IMl5WFzzSJ604cn7DTe1s= =CUKa -----END PGP SIGNATURE-----
