-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 26 Sep 2016 09:05:19 +0200 Source: tomcat8 Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin tomcat8-examples tomcat8-docs Architecture: source all Version: 8.0.37-1~bpo8+1 Distribution: jessie-backports Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebourg@apache.org> Description: libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API classes libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API documenta libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries tomcat8 - Apache Tomcat 8 - Servlet and JSP engine tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web application tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web applicati tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user Changes: tomcat8 (8.0.37-1~bpo8+1) jessie-backports; urgency=medium . * Rebuild for jessie-backports. . tomcat8 (8.0.37-1) unstable; urgency=medium . * Team upload. * New upstream release * Removed 0001-set-UTF-8-as-default-character-encoding.patch (fixed upstream) . tomcat8 (8.0.36-3) unstable; urgency=high . * Team upload. * Fixed CVE-2016-1240: A flaw in the init.d startup script allows local attackers who have gained access to the server in the context of the tomcat user through a vulnerability in a web application to replace the catalina.out file with a symlink to an arbitrary file on the system, potentially leading to a root privilege escalation. Thanks to Dawid Golunski for the report. * Removed the default 128M heap limit (LP: #568823) * Depend on taglibs-standard instead of jakarta-taglibs-standard Checksums-Sha1: 849bb00a7d1d8e539b0afb6e63effa564a74e4b2 2855 tomcat8_8.0.37-1~bpo8+1.dsc 938b65e2a856b0c99174e833dda6f27a854ed1aa 38848 tomcat8_8.0.37-1~bpo8+1.debian.tar.xz c289b47643312f143bad514697584375c951cca7 57140 tomcat8-common_8.0.37-1~bpo8+1_all.deb eee53bdcfe7e43754d71ac7a7230984291e69b9a 46838 tomcat8_8.0.37-1~bpo8+1_all.deb 1b2fab7ef58ffa25e3ff6fc9cab3d7d6e7e8443b 34550 tomcat8-user_8.0.37-1~bpo8+1_all.deb 75a29307c64a0b64b722fbb41ddf16fb89484415 4668574 libtomcat8-java_8.0.37-1~bpo8+1_all.deb e25d2a0228cc5a90cadd7b42d23ae759e2aa1119 391736 libservlet3.1-java_8.0.37-1~bpo8+1_all.deb 446b718f7fb48fc036e9ce6f5613e06b1b805f0a 251030 libservlet3.1-java-doc_8.0.37-1~bpo8+1_all.deb 938bbe88db2c14702fde1ae2f646f1c31eae18f9 34800 tomcat8-admin_8.0.37-1~bpo8+1_all.deb 238567a66f7b24bbdc2350c43b900fac30bac3b9 193500 tomcat8-examples_8.0.37-1~bpo8+1_all.deb 1e00b9639c8d0860d3d32e557b9829d2e9e532ab 749222 tomcat8-docs_8.0.37-1~bpo8+1_all.deb Checksums-Sha256: d64ae9f354402add268ecff4194f492d38ff2197452d207a50ba2b41db3cdfdb 2855 tomcat8_8.0.37-1~bpo8+1.dsc 48a9d9ca0347c3479a2d1532890392cf6b86a88f09197f6aacdf4bcd7e5dd18b 38848 tomcat8_8.0.37-1~bpo8+1.debian.tar.xz 5373dd78f8952431e0fe2088423d3b41efb7003b7ed071a36d1b5ef930bd4c70 57140 tomcat8-common_8.0.37-1~bpo8+1_all.deb 1ad363050cf23dc9e240fc004a3ea4dcaec7805621bdd0d45bf360ebd2c243b5 46838 tomcat8_8.0.37-1~bpo8+1_all.deb 042a861ccd272e7973978ada611e3d8d7f36640f9605033b697c3016989cfdfd 34550 tomcat8-user_8.0.37-1~bpo8+1_all.deb 51a4c5fb33b0e3bb51bca8b596496ec63a6177a92128783a0d35aafe7727638b 4668574 libtomcat8-java_8.0.37-1~bpo8+1_all.deb 56f82bf29dbdd6df6dd9b8d180997723e5c65aa7dbdec0af76442d11ca8b52a3 391736 libservlet3.1-java_8.0.37-1~bpo8+1_all.deb 52fdfb973b5208f20e76f6e39cc1f55281f6684c369a969a7e950fc50c472633 251030 libservlet3.1-java-doc_8.0.37-1~bpo8+1_all.deb 78d2e08507b0e61552e1ec0fe7f0670f453b31b5da5e856dee1da2ee32e047e2 34800 tomcat8-admin_8.0.37-1~bpo8+1_all.deb fb37447000e66daca1ae968f8289350d2bd5b3f91d32355117b3661f3cb2296a 193500 tomcat8-examples_8.0.37-1~bpo8+1_all.deb 0b92d80b5d404aacddd8870a3a98a2e5cf2bad231d8a3d1664607f1323780307 749222 tomcat8-docs_8.0.37-1~bpo8+1_all.deb Files: d66d910b2274e6b59a62c59c608d690a 2855 java optional tomcat8_8.0.37-1~bpo8+1.dsc e7d7d562ba1b6c4e7f4b1df58a5454dc 38848 java optional tomcat8_8.0.37-1~bpo8+1.debian.tar.xz a8cee2f338d100779b0d3baf34d231b2 57140 java optional tomcat8-common_8.0.37-1~bpo8+1_all.deb fe3b00600c8c4291348717afbad74dfa 46838 java optional tomcat8_8.0.37-1~bpo8+1_all.deb 51090d846677c50742db5878c1f013df 34550 java optional tomcat8-user_8.0.37-1~bpo8+1_all.deb 98f4746174c4f066864d68f13bb9d5ec 4668574 java optional libtomcat8-java_8.0.37-1~bpo8+1_all.deb 5f406395560cfa7801f9615e9087b23d 391736 java optional libservlet3.1-java_8.0.37-1~bpo8+1_all.deb 7a0fbd9f5eadbfd9a293968d8b8923ea 251030 doc optional libservlet3.1-java-doc_8.0.37-1~bpo8+1_all.deb d8f01fe41186583d69f3ac3827a4208d 34800 java optional tomcat8-admin_8.0.37-1~bpo8+1_all.deb e2bcf881ea4f66efc0f8e548c4992ac0 193500 java optional tomcat8-examples_8.0.37-1~bpo8+1_all.deb 75beee23360c55ebac72dc277c2783eb 749222 doc optional tomcat8-docs_8.0.37-1~bpo8+1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJX6MpSAAoJEPUTxBnkudCsPOkQAKdHWwqynSOLR3HCJ3n+TIwX zOLVbGxqA2GR4KIIeXVlIhTblo/yGg9kz0nww5U3bjsu27GYvKuLiT1fByoIA5Oe TrincPO7Cw49iCw1SrjjUv91DwwQaku1gcFl4XI9D+vDzQWIPLg5GcBmClcbA1Cq 1tJUg6vvNPOe1EXqUhkh1xnfawxPgei+WEmMchsV5NrVemmZ+7pe2yQHhyPEQ/w2 epEWOMBOeIja5lSm8ld70/Lf7c/GIfBX4QkVvXyqwPljleFw7nbTaXkTfwuOUiSK Mfna5zomwmyQd8pgD8RCI+aaxQyJRA8hdDVaS0qwkOuKIOiJmYmgJIsgtUjyQyGQ DFJ+951QWptToaN+zZ+JLbtLicrySafYkgSsZ4bFHJ5WPqmTNQf4LB9xfjxi9nlL XvYuJ5v4kFiPq06V0mFNaYlBkmfKG46eAcVC2mhoUlVZBYbXahJaxT9Q5Zq0S0+U pISAHZD+XaEM76CZpI7+vDx53Lnv/1wiwzs6BC8H+TG9rprZnvPvb6bknLdI1jPT YIZpMhIQTqOXz0kmnQ6qd/awRxZAdPp9zl1zMnZ93bbrWCKMtSov8MCEH6pMeBfo nAQg+gHi8MeUc3lBx2X4MnzTiOrDEqhJ9jSRlQhSOkRJNJz87U/HZP9naouYnfi1 YdAhTVDMZxE6UurV3UWu =d0zU -----END PGP SIGNATURE-----