-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 22 May 2018 12:57:23 +0200 Source: tomcat7 Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs Architecture: source all Version: 7.0.56-3+really7.0.88-1 Distribution: jessie-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation libtomcat7-java - Servlet and JSP engine -- core libraries tomcat7 - Servlet and JSP engine tomcat7-admin - Servlet and JSP engine -- admin web applications tomcat7-common - Servlet and JSP engine -- common files tomcat7-docs - Servlet and JSP engine -- documentation tomcat7-examples - Servlet and JSP engine -- example web applications tomcat7-user - Servlet and JSP engine -- tools to create user instances Closes: 787220 802312 898935 Changes: tomcat7 (7.0.56-3+really7.0.88-1) jessie-security; urgency=high . * Team upload. * New upstream version 7.0.88. - Fix CVE-2017-12616, CVE-2017-7674, CVE-2018-1304, CVE-2018-1305 and CVE-2018-8014. (Closes: #802312, #898935) * Install the missing WebSocket jars in /usr/share/tomcat7/lib/ (Closes: #787220) * Remove debian/keystores and use the latest upstream keystores instead. * Build-Depend on libeasymock-java and libobjenesis-java for improved test coverage. * Refresh all patches and drop obsolete CVE security patches. Checksums-Sha1: 690815d1849387ffa6f2ae9f236d8d3fd3a949d2 3026 tomcat7_7.0.56-3+really7.0.88-1.dsc 2bfc9662a9f364ba72668c159af8327d939401b7 3255820 tomcat7_7.0.56-3+really7.0.88.orig.tar.xz 5fb830bf93d1a27dbc8fdc5f1a0b2c74c515bef2 52412 tomcat7_7.0.56-3+really7.0.88-1.debian.tar.xz f57efd1552fca5aa5a7a05ae661260077716dcdb 294736 tomcat7-common_7.0.56-3+really7.0.88-1_all.deb 3968c136f876768cbd8c63a6a7e7d5972add7ff9 54928 tomcat7_7.0.56-3+really7.0.88-1_all.deb e4b2a9c53cd196d3b8c8d5ab5326ae110760dd38 42342 tomcat7-user_7.0.56-3+really7.0.88-1_all.deb 9bda25c42613eb16edee3dbe3cc35289b2fc5956 3798550 libtomcat7-java_7.0.56-3+really7.0.88-1_all.deb e2289aab46e6b2939cbb088bab575e470b419c1d 316850 libservlet3.0-java_7.0.56-3+really7.0.88-1_all.deb dfc6418f184de39e4a46c87f912071c0eb5df0af 209080 libservlet3.0-java-doc_7.0.56-3+really7.0.88-1_all.deb 94fa40db8c80e112957a04fb35fb9787a06d46c1 38766 tomcat7-admin_7.0.56-3+really7.0.88-1_all.deb e37f435b58799bdf5eca60f6190e7aede4fdc3a8 201814 tomcat7-examples_7.0.56-3+really7.0.88-1_all.deb 798bf6a5941b5df6a04e8b75b3721c2373922449 682170 tomcat7-docs_7.0.56-3+really7.0.88-1_all.deb Checksums-Sha256: 8ffbc52f2d8011e03de71456b7bb1c7af9aae920d3a8e47d3fcaa8dcced5c2f2 3026 tomcat7_7.0.56-3+really7.0.88-1.dsc c90c65b054467763be98cb0b32b07d3ead4f037f4a758e370dc6a77bf27d5e47 3255820 tomcat7_7.0.56-3+really7.0.88.orig.tar.xz 4fd797b1cef3542d83022e4c9156a92f2352c4c411abca3edae64c27af4d0321 52412 tomcat7_7.0.56-3+really7.0.88-1.debian.tar.xz bcd3b0328f718e1b98f9da28a78540fe04fba1c8c00397c7285703a6cb83afd6 294736 tomcat7-common_7.0.56-3+really7.0.88-1_all.deb 5434eb5055b2c935b07a08d91d4cb2d857eb05afb15cc517336f5168cce59d36 54928 tomcat7_7.0.56-3+really7.0.88-1_all.deb c6eff9a7164912a5893e689ca9926cf1a4919508cfcc8eaf275c590b31d2ad54 42342 tomcat7-user_7.0.56-3+really7.0.88-1_all.deb 3db6fd23fa61508bb90d740cc3eb434c84bc96892a2a39786bcb926579258f20 3798550 libtomcat7-java_7.0.56-3+really7.0.88-1_all.deb e12fc9c65c97b4db0a72d9ff817d1e1afd1ff52c08110f3d979d51175591c07f 316850 libservlet3.0-java_7.0.56-3+really7.0.88-1_all.deb c1a68297a31e48416a981d8d8fd837b358de54ebd05cc59026a5bb30d2408680 209080 libservlet3.0-java-doc_7.0.56-3+really7.0.88-1_all.deb 751a1b784f004d42b7e90db8937c82aa2c59f08ee1e3af83785b80659d1718ce 38766 tomcat7-admin_7.0.56-3+really7.0.88-1_all.deb d0b7db8c577c6fa24740bc45b6fe16e87f85728ed251e746123ac518a73a4392 201814 tomcat7-examples_7.0.56-3+really7.0.88-1_all.deb bce6d0c21cb2199658d5d27852987cf25f1710f16be5b0e854701d0f9540eecb 682170 tomcat7-docs_7.0.56-3+really7.0.88-1_all.deb Files: a1060acc7521be2095826a00e2d7d0af 3026 java optional tomcat7_7.0.56-3+really7.0.88-1.dsc ea4f27364adeb61a82438d0b702636b0 3255820 java optional tomcat7_7.0.56-3+really7.0.88.orig.tar.xz d61bad72b4987b0fb87c6fd13a39ca8d 52412 java optional tomcat7_7.0.56-3+really7.0.88-1.debian.tar.xz bbf93c3cdeee6c68f2fd5945d37b3a12 294736 java optional tomcat7-common_7.0.56-3+really7.0.88-1_all.deb ea563f346e8767477cec729d2c8837cf 54928 java optional tomcat7_7.0.56-3+really7.0.88-1_all.deb f1b370b0f367bc85f65c5ca88b39840c 42342 java optional tomcat7-user_7.0.56-3+really7.0.88-1_all.deb 11e2f3093b89d4af7439dad500cf730e 3798550 java optional libtomcat7-java_7.0.56-3+really7.0.88-1_all.deb 0a9a14c69525746783efbe16d4b60ad9 316850 java optional libservlet3.0-java_7.0.56-3+really7.0.88-1_all.deb 591592144532c22eca561bb3efe92c7e 209080 doc optional libservlet3.0-java-doc_7.0.56-3+really7.0.88-1_all.deb a7c4a0c7ac58fcb189f3494f72308038 38766 java optional tomcat7-admin_7.0.56-3+really7.0.88-1_all.deb 96c57b48b132c66d17876b5be2deb94f 201814 java optional tomcat7-examples_7.0.56-3+really7.0.88-1_all.deb 9e4c2d665b4b3e20451e1401322d64c6 682170 doc optional tomcat7-docs_7.0.56-3+really7.0.88-1_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlsz7LxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HknL4P/1F2HG7kxvW3zB5Utr5resVMS7I03qVpeiuN khrwKKCeV3eTteE6jacEn5AJ+DZAO+iF9jcRAFQppuVHGBrlVygbO+0CcViWEg2X d+n3JSyRN4qlOE+uWtv2JpR03+X3/0KHN5C/Xcy7/Onr7+29yN4jBe1Xl/j3dAFo VKY/z1TN9xAe7NStikFwidhxNizAOzFBA9rGRIvrpeUGqZFuXo9ohg5whs5nk3Hx dPAT+iDoWb2D+clDMrBYdfUnIczOhlE4XxOAiksYK4p4JZGKTj8HJ1rs2mddZHvm AvFCAxqosbThDRL4Hg19V4tKlveD5nqIbVBoEc2oerJHDJw/W14NVOI7ozw6rH1x IXyOS0Htmks46xEycjoXWfnfzvdVnDO0EuD369S5TGMv0bK4BDvn1R845kEamH3R ibWc2QW6AGIWvX0xsZ9Akz9TqFiiVG89v68I/0sYEYuh7Bprbe+K8fymi70Hzrj8 PHrkj0en7sYGaY/RgmBmcK6GJpagS2S8vpz0odhmUpSYkwWYDD0VChMvJCiTWPxh 3mNakts3+m1MUblsKKKnPmwwPwvMd4BqAozKabb5ANoXpV9mxiaJOBW3OJsSMeqj qqutvMnNNv8zwdK/nan0BJujUse8xnAxobqnaqaszEVmhCu2eatZ4mX0hQ+cowPN UnJcz6o5 =jyLt -----END PGP SIGNATURE-----
