-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 16 Dec 2016 19:01:40 +0100 Source: tomcat6 Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.4-java libservlet2.5-java libservlet2.5-java-doc tomcat6-admin tomcat6-examples tomcat6-docs tomcat6-extras Architecture: source all Version: 6.0.45+dfsg-1~deb7u4 Distribution: wheezy-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libservlet2.4-java - Transitional package for libservlet2.5-java libservlet2.5-java - Servlet 2.5 and JSP 2.1 Java API classes libservlet2.5-java-doc - Servlet 2.5 and JSP 2.1 Java API documentation libtomcat6-java - Servlet and JSP engine -- core libraries tomcat6 - Servlet and JSP engine tomcat6-admin - Servlet and JSP engine -- admin web applications tomcat6-common - Servlet and JSP engine -- common files tomcat6-docs - Servlet and JSP engine -- documentation tomcat6-examples - Servlet and JSP engine -- example web applications tomcat6-extras - Servlet and JSP engine -- additional components tomcat6-user - Servlet and JSP engine -- tools to create user instances Changes: tomcat6 (6.0.45+dfsg-1~deb7u4) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2016-9774: Privilege escalation when the package is upgraded. * Add CVE-2016-5018-part2.patch and fix a regression when using Jasper with SecurityManager enabled. * Update CVE-2016-6797-part2.patch and fix a regression in ResourceLinkFactory.java. Checksums-Sha1: 0ed5e9b472317a6f2238d1dddf28151b044683c3 2905 tomcat6_6.0.45+dfsg-1~deb7u4.dsc 3047b95358ba718b21dc792ee249b1c612f88c41 61428 tomcat6_6.0.45+dfsg-1~deb7u4.debian.tar.gz 9df46c4a8c25e74304e2d203f35217ca7a200d9e 58608 tomcat6-common_6.0.45+dfsg-1~deb7u4_all.deb f39bad9dbdd9bec99d3ac9f47253f345205ce9b2 52246 tomcat6_6.0.45+dfsg-1~deb7u4_all.deb 2a1a409060f27c311fad2b16531cc48958869cc9 41892 tomcat6-user_6.0.45+dfsg-1~deb7u4_all.deb 6bf71c62e0afd07875199e018f3b17f2225ff89d 3167572 libtomcat6-java_6.0.45+dfsg-1~deb7u4_all.deb 3a8ec2e70f1b02219d696d15d34a408988291c4b 15808 libservlet2.4-java_6.0.45+dfsg-1~deb7u4_all.deb 37965719f3dbf32cb254c7ba3c93a53319d148b6 242188 libservlet2.5-java_6.0.45+dfsg-1~deb7u4_all.deb f31d2aad11a011b47bbef2a104213c4e90d23ba3 274068 libservlet2.5-java-doc_6.0.45+dfsg-1~deb7u4_all.deb 85934d0ddec3813ae842933992315bbe2145ad43 51380 tomcat6-admin_6.0.45+dfsg-1~deb7u4_all.deb 3b5a46b1f564d770f4629b9b43d37e1c200bff0a 166394 tomcat6-examples_6.0.45+dfsg-1~deb7u4_all.deb 7014e50e8c374b1c2295dd58172484a7bc9de45f 605206 tomcat6-docs_6.0.45+dfsg-1~deb7u4_all.deb 53cbd18d619987278792c1a3250185a04cfff736 16024 tomcat6-extras_6.0.45+dfsg-1~deb7u4_all.deb Checksums-Sha256: 9ee558516687ebbc62c1123ea121ec4dff1d787ea77ee8823cbe214467282052 2905 tomcat6_6.0.45+dfsg-1~deb7u4.dsc 7f29ff6eddc287a7ecb34634197a0c96f8c8351cf990a40f582077ce1dcb345d 61428 tomcat6_6.0.45+dfsg-1~deb7u4.debian.tar.gz 01cfcf829ffe02402fa4382cc81338808f0f0f050be69d51629c6cd2482b64e9 58608 tomcat6-common_6.0.45+dfsg-1~deb7u4_all.deb e304dbe59157a092103828d6871f5dcf8b7b2afad0b7027dab4ab8aaf3ee3e8b 52246 tomcat6_6.0.45+dfsg-1~deb7u4_all.deb bad669801e9a121a272495908fabef20dfb6f2584733dd7bcf54ae988cd7e841 41892 tomcat6-user_6.0.45+dfsg-1~deb7u4_all.deb ebf5bc9039187cc166e67d98e0ee51970e56e5948f62978f61f350eeaa826ddb 3167572 libtomcat6-java_6.0.45+dfsg-1~deb7u4_all.deb 80e9202b3b15cce354677223fe253da447a6f04cb93c6cb280329237d0b0504f 15808 libservlet2.4-java_6.0.45+dfsg-1~deb7u4_all.deb 69c41b6ad64c66b0684a0a3fe3c065d354b046c56a4435ae205fc78971e91342 242188 libservlet2.5-java_6.0.45+dfsg-1~deb7u4_all.deb e1bba7070881b3a58601a673f4df1d9a2aaacb70f21733aeee02213ca8d65de6 274068 libservlet2.5-java-doc_6.0.45+dfsg-1~deb7u4_all.deb 7b73fe0515fd0403d8357b73758424fa316e5e5c6c67697accb566d0f25a16d2 51380 tomcat6-admin_6.0.45+dfsg-1~deb7u4_all.deb 4948056f12913f3d6b74553852fc40106544a8a398192495e1625c1c4a3f7955 166394 tomcat6-examples_6.0.45+dfsg-1~deb7u4_all.deb 0f910f07e300c73fd386237eb1d62cbda649882fc51dcb11b6e5338aa5ae3849 605206 tomcat6-docs_6.0.45+dfsg-1~deb7u4_all.deb ed727433d8868ed99106f9ddb5b3ca3ddb2a4b96ef1e058e445a9fce5f81197e 16024 tomcat6-extras_6.0.45+dfsg-1~deb7u4_all.deb Files: 21e5b8dc0605142a553acf9f4b55ca9a 2905 java optional tomcat6_6.0.45+dfsg-1~deb7u4.dsc 7e69cfe15a947a87378d4521256f2f8a 61428 java optional tomcat6_6.0.45+dfsg-1~deb7u4.debian.tar.gz ca85cf3ab0159d49115c742e0badd0b0 58608 java optional tomcat6-common_6.0.45+dfsg-1~deb7u4_all.deb 6d8436ec81049dce08c5e71730f9272b 52246 java optional tomcat6_6.0.45+dfsg-1~deb7u4_all.deb 3e4246f1eb0d88018f2c77b0f2c0c840 41892 java optional tomcat6-user_6.0.45+dfsg-1~deb7u4_all.deb 3fd9ea231982874eae48ab25e3f4080d 3167572 java optional libtomcat6-java_6.0.45+dfsg-1~deb7u4_all.deb 09ab51c2ca71150334bb7e1a512453ee 15808 oldlibs extra libservlet2.4-java_6.0.45+dfsg-1~deb7u4_all.deb dc2ae12fca4cbf470d85cf305db305a9 242188 java optional libservlet2.5-java_6.0.45+dfsg-1~deb7u4_all.deb 9f8d8c7e898eff4d76935a4b2fb7d958 274068 doc optional libservlet2.5-java-doc_6.0.45+dfsg-1~deb7u4_all.deb a7b25f8c6f0fa871d72af1a7a4bc4728 51380 java optional tomcat6-admin_6.0.45+dfsg-1~deb7u4_all.deb 193d5aaf906eb50e5e5d1e4940a7ee21 166394 java optional tomcat6-examples_6.0.45+dfsg-1~deb7u4_all.deb 7110305c166ae76d583e0af4b39346ba 605206 doc optional tomcat6-docs_6.0.45+dfsg-1~deb7u4_all.deb 9395fe1968f525de3b1a246d310d609e 16024 java optional tomcat6-extras_6.0.45+dfsg-1~deb7u4_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlhUMy9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkDxcQAM6/PfC4ibCSlQ8We4wIol+QC7eNNzazVI70 LEAGlrkUlfsVZdfAd3MNYKdZAaIqzjcjM8KSLXvvuiOXw/5LheCO97NNgbWnuLRZ LWWjptb6Pnz3PMRmEnV3NXHtd7WkHDA36nE6RJ6+eCNbq2BuUwtBSetBptzYk8d7 DmmckSWVm1qaQmRGWKYSmPyT5zBMT6yK6DMiMc28PG8zZFHZ/2hGbkplgSiJhvkH Iw+LMCNVngCfXx4fwii9Kp52wL4aEDbCOGk7rbXofLmmCkVE9KplH5ergCD39lSK FwHFLDRdv02qu2G9E5FrhSCmNMtJUAmB4B+4nEbf2j067s38+SUBYk3pfBAowGwh 0wwMEKCWsVPoWKh9mrXPYT/7iZeKPPzNPkqwR2w0R9Sjv0k2m+g4ulziFPXJdxql Vuf2klb/5Pi0Pyxg+sGt2VccyjCZUbfukV/w+iU9XGNSuVHDvwD5zHkF9XWvyCmZ dv2OsbFlLMg09q9OIjvcytYJhHOxz3AN+2mD9bLdj5luUNbQ4bAFQ4TtSGGig8c8 d9awnXXQMIkd48PupqYm7EJowdFGUmC+CKK/S3IA73GDQZRddY6w+F9DzX5NTaUr JucLZ/RhsutTzkG3FdvA6xDInms/41zorAy8JlmBt/2aOnZOBa0D25GV7+bUckCN PDTtRjKo =DQv0 -----END PGP SIGNATURE-----