Format: 1.8
Date: Sun, 11 Feb 2018 21:16:59 +0100
Source: tomcat-native
Binary: libtcnative-1
Architecture: source amd64
Version: 1.2.12-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libtcnative-1 - Tomcat native library using the Apache Portable Runtime
Changes:
 tomcat-native (1.2.12-2+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2017-15698:
     When parsing the AIA-Extension field of a client certificate, Apache
     Tomcat Native did not correctly handle fields longer than 127 bytes.
     The result of the parsing error was to skip the OCSP check. It was
     therefore possible for client certificates that should have been
     rejected (if the OCSP check had been made) to be accepted. Users not
     using OCSP checks are not affected by this vulnerability.