Format: 1.8
Date: Sun, 11 Feb 2018 21:01:06 +0100
Source: tomcat-native
Binary: libtcnative-1
Architecture: source amd64
Version: 1.1.32~repack-2+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libtcnative-1 - Tomcat native library using the Apache Portable Runtime
Changes:
 tomcat-native (1.1.32~repack-2+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS.
   * Fix CVE-2017-15698:
     When parsing the AIA-Extension field of a client certificate, Apache
     Tomcat Native did not correctly handle fields longer than 127 bytes.
     The result of the parsing error was to skip the OCSP check. It was
     therefore possible for client certificates that should have been
     rejected (if the OCSP check had been made) to be accepted. Users not
     using OCSP checks are not affected by this vulnerability.
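
The 127-byte boundary named in the CVE-2017-15698 entry above is where DER length encoding switches from the one-octet short form to the multi-octet long form. The C code below is an added example, not code from tomcat-native or from the Debian patch; it decodes both forms with bounds checks. The function names, the URI GeneralName tag 0x86 used for the sample, and the sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Decode a DER length at p (avail bytes left). Returns 0 and sets *len and
 * *used (number of length octets), or -1 on malformed/truncated input. */
int der_read_len(const unsigned char *p, size_t avail, size_t *len, size_t *used)
{
    if (avail == 0) return -1;
    if (p[0] < 0x80) { *len = p[0]; *used = 1; return 0; }  /* short form, 0..127 */
    size_t n = p[0] & 0x7f;             /* long form: n length octets follow */
    if (n == 0 || n > sizeof(size_t) || n >= avail) return -1; /* 0x80 is indefinite, not DER */
    size_t v = 0;
    for (size_t i = 1; i <= n; i++) v = (v << 8) | p[i];
    if (v < 0x80 || p[1] == 0) return -1;   /* DER demands the minimal encoding */
    *len = v; *used = 1 + n;
    return 0;
}

/* Value of a TLV carrying the expected tag, or NULL if it does not parse or
 * would run past the end of the buffer. */
const unsigned char *der_tlv_value(const unsigned char *buf, size_t buflen,
                                   unsigned char tag, size_t *vlen)
{
    size_t used;
    if (buflen < 2 || buf[0] != tag) return NULL;
    if (der_read_len(buf + 1, buflen - 1, vlen, &used) != 0) return NULL;
    if (*vlen > buflen - 1 - used) return NULL;
    return buf + 1 + used;
}

/* Constructed sample: a URI GeneralName (tag 0x86) holding n bytes of 'a', n < 65536. */
size_t build_uri_tlv(unsigned char *out, size_t n)
{
    size_t h = 0;
    out[h++] = 0x86;
    if (n < 0x80) out[h++] = (unsigned char)n;
    else if (n < 0x100) { out[h++] = 0x81; out[h++] = (unsigned char)n; }
    else { out[h++] = 0x82; out[h++] = (unsigned char)(n >> 8); out[h++] = (unsigned char)n; }
    memset(out + h, 'a', n);
    return h + n;
}

int main(void)
{
    unsigned char buf[512]; size_t vlen = 0;
    size_t total = build_uri_tlv(buf, 200);   /* longer than 127 bytes */
    const unsigned char *v = der_tlv_value(buf, total, 0x86, &vlen);
    return (v && vlen == 200) ? 0 : 1;
}
```

A caller that enforces OCSP should treat a NULL return here as a validation failure, not as the absence of a responder to check.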