-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 26 Sep 2016 09:36:44 +0200 Source: tomcat7 Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs Architecture: source all Version: 7.0.72-1~bpo8+1 Distribution: jessie-backports Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebourg@apache.org> Description: libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation libtomcat7-java - Servlet and JSP engine -- core libraries tomcat7 - Servlet and JSP engine tomcat7-admin - Servlet and JSP engine -- admin web applications tomcat7-common - Servlet and JSP engine -- common files tomcat7-docs - Servlet and JSP engine -- documentation tomcat7-examples - Servlet and JSP engine -- example web applications tomcat7-user - Servlet and JSP engine -- tools to create user instances Changes: tomcat7 (7.0.72-1~bpo8+1) jessie-backports; urgency=medium . * Rebuild for jessie-backports. . tomcat7 (7.0.72-1) unstable; urgency=medium . * New upstream release . tomcat7 (7.0.70-3) unstable; urgency=high . * Team upload. * Fixed CVE-2016-1240: A flaw in the init.d startup script allows local attackers who have gained access to the server in the context of the tomcat user through a vulnerability in a web application to replace the catalina.out file with a symlink to an arbitrary file on the system, potentially leading to a root privilege escalation. Thanks to Dawid Golunski for the report. Checksums-Sha1: 4434f8656a0c44da28f76075e1153d2a4bc485b2 2835 tomcat7_7.0.72-1~bpo8+1.dsc b1bd10d4cef79d44e0412baca87e5d5a10dbbc6d 66988 tomcat7_7.0.72-1~bpo8+1.debian.tar.xz 1fbd1c18140b6fe0b28992882b519e12726d06c8 280302 tomcat7-common_7.0.72-1~bpo8+1_all.deb ee5e7a3c24881fdfd917c57bfd46759a98ba114e 52214 tomcat7_7.0.72-1~bpo8+1_all.deb 7f08a0a392cdc2888a214a66233a4fecc7238cff 39670 tomcat7-user_7.0.72-1~bpo8+1_all.deb 7302f3ad345bf1341e63742fa6f5febe1e60d091 3726310 libtomcat7-java_7.0.72-1~bpo8+1_all.deb b400cefc15fa07435cfb92ab379e6b693bbbea1e 314260 libservlet3.0-java_7.0.72-1~bpo8+1_all.deb 491f702b5dde6833d3412c1cf39ed9f2626ad359 205978 libservlet3.0-java-doc_7.0.72-1~bpo8+1_all.deb 89d54de9f080cbc67f7766bc97d47968a3f60a7a 39758 tomcat7-admin_7.0.72-1~bpo8+1_all.deb b0fac044f71b7ffaab8ebedebc3f1834bd7deb11 198492 tomcat7-examples_7.0.72-1~bpo8+1_all.deb 84d271322b8d4e0c700455633622f93e6c39a83c 653600 tomcat7-docs_7.0.72-1~bpo8+1_all.deb Checksums-Sha256: fad3fd57f9312168101bda29b642c9850b89e3ac1782ef55955954d38683eabd 2835 tomcat7_7.0.72-1~bpo8+1.dsc 9ebe8f47eb8f4cc154e0582ce42d1cd3ee3a2021d137fb5ff37e79782e9333cd 66988 tomcat7_7.0.72-1~bpo8+1.debian.tar.xz 6454701e1177a3dd8882f5dbc455ba5309b69dcbd7154e143f9f17c1e1496240 280302 tomcat7-common_7.0.72-1~bpo8+1_all.deb 90c2b5a5d0ed3b2e3551ca86c58447e05ceec6310fe2faebb64428f3976e6e6e 52214 tomcat7_7.0.72-1~bpo8+1_all.deb 89af20093365037d673245144b1c24204c1aa242e7e6c646bacb02e49cc5b3d7 39670 tomcat7-user_7.0.72-1~bpo8+1_all.deb 96f30d0255c9ffdb7e7203de23d945b30fcf5c69116aea9a96ddbbc0580c9ff7 3726310 libtomcat7-java_7.0.72-1~bpo8+1_all.deb 9d3a295dc05755608cc4f9f85ac9d4d75eb75ebd89a54176accea3c1c725b7fe 314260 libservlet3.0-java_7.0.72-1~bpo8+1_all.deb ee8e6fd915d2468b98d6ddab698bc6a5d70e6db165355bb5558855b0fe1e6f62 205978 libservlet3.0-java-doc_7.0.72-1~bpo8+1_all.deb 04f03b8d7933d8ea275e6e1432cddb9f2d0677bdffa30cfff0428ef9ffd765ca 39758 tomcat7-admin_7.0.72-1~bpo8+1_all.deb 7643fa3fcccf38f24ecefff6dffb9b8105059097fd8245afca82d28306b4ab16 198492 tomcat7-examples_7.0.72-1~bpo8+1_all.deb 0045e270a4026b3a68fbadd3128c5fed6db13963cbda218b0351c07aed092561 653600 tomcat7-docs_7.0.72-1~bpo8+1_all.deb Files: 312ce73f9284e0108ab6337ce711281f 2835 java optional tomcat7_7.0.72-1~bpo8+1.dsc 14f51307d2087477e7d7e5918e07544c 66988 java optional tomcat7_7.0.72-1~bpo8+1.debian.tar.xz d235d98e6bdd3be484fa5a21086a3cc8 280302 java optional tomcat7-common_7.0.72-1~bpo8+1_all.deb a365863934e723f80b17295356d5b2e7 52214 java optional tomcat7_7.0.72-1~bpo8+1_all.deb 306ffc80d9ca04b953532e2b7fa73759 39670 java optional tomcat7-user_7.0.72-1~bpo8+1_all.deb 577ea5bccdc42a5272c4ff28365f2c42 3726310 java optional libtomcat7-java_7.0.72-1~bpo8+1_all.deb ea613c64cf0c44f4dd3b5da584427599 314260 java optional libservlet3.0-java_7.0.72-1~bpo8+1_all.deb 9636a9fd7acf58e99f7f40797f58e95f 205978 doc optional libservlet3.0-java-doc_7.0.72-1~bpo8+1_all.deb 5ab4d28c1bed2f2960fcabce5ad071c2 39758 java optional tomcat7-admin_7.0.72-1~bpo8+1_all.deb 0cacdc620e29ead4ca29ff2174ddf69e 198492 java optional tomcat7-examples_7.0.72-1~bpo8+1_all.deb 09f757cc7cca1241c570e542c948eba5 653600 doc optional tomcat7-docs_7.0.72-1~bpo8+1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJX6NCUAAoJEPUTxBnkudCsprAP/1sBqUpz+TRdsnaZF/9XchfP wsjXOteUMbCfYIZqSJ4EjHNeOaGUfqaS7LcthCNdzrGHapBhjksBR0j98OqQ0Pvc uz7xdPtLnKRFKm8kC9c2ot3WzbiRptPIlYA/bYSPakvY/2yjZe33OwVeNf7fb4fl MXo7WmZLkvvBJm+FpmCJ5dfxxbOPFKi+SVZMX8krdDrGiCj7tCs9uMqoiJX/wXJZ fwEebTkQgs5J5nr5X3KhXQvn3y5cONXrMOnStcsPfFZoBJ4kMrPC6iftkyaIYdPT KNz4f+jn37EvZGmwPIwf9/IQQCIG2MeZ9YK7wGT+d3xagntLNn6Pvnc+tXPfocSF mmo0kf2OiHpKhXMvEXmn9SiyfWe1AbBb6MK86HFoABodNzUlesBGKphMdBl3wMT3 ozao1q9jd5t+b9wv2BrVjBf6MaMNsvz4ekl2U9CUMf07TreQc4xbT9vdPfkpdW9g m22fhCis9AWGMS3G3PlQsMk8E5QJWq0HJuazcrYzA8bkq0faIfLh2W+QB/xX9B6R BRtwXVElfX3OhvNLs/hRZQVEpHT3SjfnX7BOwb0+j0eevRfE9RWp946x2+rHxQQB YhHw82GCEb4FrujsJzlXKov/UE/rpp99Eim/47Nc1Dz16pAnWKBVZdsoanT2MzV/ yW6Q98MZ42qcVcZb3ttk =QnM0 -----END PGP SIGNATURE-----
