Hi Anthony, Thank you for reporting this issue. This was caused by the fix for CVE-2016-5018 in the version 7.0.56-3+deb8u5 which removed the inner class PrivilegedIntrospectHelper. This issue was fixed upstream [1] but the extra commit [2] wasn't documented on the Tomcat 7 security page [3]. The tomcat8 package seems to be affected by the same issue. I'll fix this in the next update.
Emmanuel Bourg [1] https://bz.apache.org/bugzilla/show_bug.cgi?id=60101 [2] https://svn.apache.org/r1760309 [3] https://tomcat.apache.org/security-7.html
