Your message dated Thu, 10 Feb 2011 07:02:16 +0000
with message-id <e1pnqxg-0000or...@franck.debian.org>
and subject line Bug#612257: fixed in tomcat6 6.0.28-10
has caused the Debian Bug report #612257,
regarding Three Tomcat vulnerabilities
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
612257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tomcat6
Version: Three Tomcat vulnerabilities
Severity: grave
Tags: security
CVE-2011-0534, CVE-2011-0013 and CVE-2010-3718 need to be
fixed in squeeze-security and unstable:
http://tomcat.apache.org/security-6.html
Cheers,
Moritz
-- System Information:
Debian Release: 5.0.1
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.32-ucs35-amd64
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
--- End Message ---
--- Begin Message ---
Source: tomcat6
Source-Version: 6.0.28-10
We believe that the bug you reported is fixed in the latest version of
tomcat6, which is due to be installed in the Debian FTP archive:
libservlet2.5-java-doc_6.0.28-10_all.deb
to main/t/tomcat6/libservlet2.5-java-doc_6.0.28-10_all.deb
libservlet2.5-java_6.0.28-10_all.deb
to main/t/tomcat6/libservlet2.5-java_6.0.28-10_all.deb
libtomcat6-java_6.0.28-10_all.deb
to main/t/tomcat6/libtomcat6-java_6.0.28-10_all.deb
tomcat6-admin_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6-admin_6.0.28-10_all.deb
tomcat6-common_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6-common_6.0.28-10_all.deb
tomcat6-docs_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6-docs_6.0.28-10_all.deb
tomcat6-examples_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6-examples_6.0.28-10_all.deb
tomcat6-user_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6-user_6.0.28-10_all.deb
tomcat6_6.0.28-10.debian.tar.gz
to main/t/tomcat6/tomcat6_6.0.28-10.debian.tar.gz
tomcat6_6.0.28-10.dsc
to main/t/tomcat6/tomcat6_6.0.28-10.dsc
tomcat6_6.0.28-10_all.deb
to main/t/tomcat6/tomcat6_6.0.28-10_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 612...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
tony mancill <tmanc...@debian.org> (supplier of updated tomcat6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 09 Feb 2011 21:49:33 -0800
Source: tomcat6
Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.5-java
libservlet2.5-java-doc tomcat6-admin tomcat6-examples tomcat6-docs
Architecture: source all
Version: 6.0.28-10
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers
<pkg-java-maintain...@lists.alioth.debian.org>
Changed-By: tony mancill <tmanc...@debian.org>
Description:
libservlet2.5-java - Servlet 2.5 and JSP 2.1 Java API classes
libservlet2.5-java-doc - Servlet 2.5 and JSP 2.1 Java API documentation
libtomcat6-java - Servlet and JSP engine -- core libraries
tomcat6 - Servlet and JSP engine
tomcat6-admin - Servlet and JSP engine -- admin web applications
tomcat6-common - Servlet and JSP engine -- common files
tomcat6-docs - Servlet and JSP engine -- documentation
tomcat6-examples - Servlet and JSP engine -- example web applications
tomcat6-user - Servlet and JSP engine -- tools to create user instances
Closes: 608527 612257
Changes:
tomcat6 (6.0.28-10) unstable; urgency=medium
.
* Team upload.
* Add Portuguese/Brazilian debconf translation.
Thanks to José de Figueiredo (Closes: #608527)
* Add patches for CVE-2011-0534, CVE-2010-3718, CVE-2011-0013
(Closes: #612257)
Checksums-Sha1:
7196fec8ee0e45794956f4e2ea32f25af9cf8df7 2261 tomcat6_6.0.28-10.dsc
bfe44856bb0653cc33bb27eaf17b5b4c3bf4fd59 44976 tomcat6_6.0.28-10.debian.tar.gz
7c37f9bddd75dc6b268491b0d281361ca174cd7a 48214 tomcat6-common_6.0.28-10_all.deb
9026bd064c4d7dc1d214c0907546b65dea9d400d 36554 tomcat6_6.0.28-10_all.deb
d12c89df480360266b04a11e9e39553435d7cd74 26616 tomcat6-user_6.0.28-10_all.deb
4f5c0c7caf6c55615d94a8e9c30b526bf1480421 3022088
libtomcat6-java_6.0.28-10_all.deb
295ca758570b40d9b55890d003a22caaa7b5378a 192150
libservlet2.5-java_6.0.28-10_all.deb
7cfae4731d4dd9f06ab633a3a1bb0050530a0084 254366
libservlet2.5-java-doc_6.0.28-10_all.deb
e5d40784f642240e02bbdeed05ddc284361ce57b 42930 tomcat6-admin_6.0.28-10_all.deb
2a56cd73e7d966fbd3ba03fe0e6a0b23fbfb2493 160968
tomcat6-examples_6.0.28-10_all.deb
7fdda5549fbe5fd826f8c11f2c0f536ee2af5da9 527934 tomcat6-docs_6.0.28-10_all.deb
Checksums-Sha256:
8f9539361c2a8e017fd3d1cf62a650305b55969837ed443be2bd4c639231297c 2261
tomcat6_6.0.28-10.dsc
c6939d545c2db993387c6cdbb5041fe180026cc05725f9d86e8addefa751c2e3 44976
tomcat6_6.0.28-10.debian.tar.gz
a18f5d27058cda45f291aa37a0fee2f84c596c7369cfeb11e3b051212967bf8c 48214
tomcat6-common_6.0.28-10_all.deb
97580cf5fa4e6257663f6817603f76780301048619f85e27588420d64776dfdc 36554
tomcat6_6.0.28-10_all.deb
caeec8b35a45f42c68d40aec537f7524b648c214d753161d93a54321ce066ee7 26616
tomcat6-user_6.0.28-10_all.deb
23936a14b1084300feb1bd1688117810d93738710e4937cd7aa07d445e843c63 3022088
libtomcat6-java_6.0.28-10_all.deb
70f20aa8c11dc85a7604e9979a6d27f1ac4f6af5b7015b1e5a094b7477ba1c5a 192150
libservlet2.5-java_6.0.28-10_all.deb
75f7056e38dcf5cf3ebae24bb9974363a68f3f0a652df8b3fb6e104fb0ff75e9 254366
libservlet2.5-java-doc_6.0.28-10_all.deb
ed576192dab6073da49316d2d01d4e438c2ab341f87d8fdcc522293f602b94c9 42930
tomcat6-admin_6.0.28-10_all.deb
116436e46f943e5b1831c2d9d85360ff89cd90fe8c4c6ac40c10da056d4e6e74 160968
tomcat6-examples_6.0.28-10_all.deb
4eeb86b0f884d97225f6f268155a61ae738ed2cd60b02a92a5879c96e4d53c08 527934
tomcat6-docs_6.0.28-10_all.deb
Files:
9065d186360b3c3234c407ef7cb5070b 2261 java optional tomcat6_6.0.28-10.dsc
66dafc5aa9cf3a730ef6d2fe0680687b 44976 java optional
tomcat6_6.0.28-10.debian.tar.gz
3c2eeec9a7a4c2fc2784e605e5fb713d 48214 java optional
tomcat6-common_6.0.28-10_all.deb
3e0a66dc2ea85983767eb3f3addb9133 36554 java optional tomcat6_6.0.28-10_all.deb
65d7d9bb9ad7e3c2ffb2f24284c87475 26616 java optional
tomcat6-user_6.0.28-10_all.deb
6bfe6066a16c19789e40fe8484d7ee07 3022088 java optional
libtomcat6-java_6.0.28-10_all.deb
1fb6a308cea40b59720f0d4ef75408c2 192150 java optional
libservlet2.5-java_6.0.28-10_all.deb
d3efeb537943fbaff9f91d80e7d89abc 254366 doc optional
libservlet2.5-java-doc_6.0.28-10_all.deb
44b3128a81cdf03b1a32ffb667909a07 42930 java optional
tomcat6-admin_6.0.28-10_all.deb
dd9c7b2fcb5e9220079c1ba14a932836 160968 java optional
tomcat6-examples_6.0.28-10_all.deb
8e3608fe9edbe4296007b8f2b8da69e7 527934 doc optional
tomcat6-docs_6.0.28-10_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJNU4hgAAoJECHSBYmXSz6WRUgP/0cPTHTjvch7lSLomZgFeBjm
IqZ650jYqRBsocqhT9JB6PxF+GYsYec3NuO8gbO+sP9i196AtrFP5Oh8QV0Fy9j0
Vrlhbl/+sNLD9BWct8h4X+tDjOW6LJxMOB9p1kwLOOjpva05mtr9muI8mws3OR7W
YjmtHWylJc8gnuUyeIa+N4WKKpcc20nT0rLAc+h/bw0Aa5Rdl6Wh53SIMAkSf0CC
3rFY/nuEHNsahJrcdNdrExfDYIqjp8GmXEW6f/IrIGzBrW3/3k/w+zsqkRwpRkuz
rDz77SQOiTZ2sFPkjxwMgxvsyf5P7nKb6ZGk9lSJy3OnccXVl0AXIx1sQ/5cBkTg
9QHX/czIFEV7oBbMJ5aDLbG0OddFft8p1tKdtlsaW6w1Pym4BIljkdzJNlE4dv+m
UCmgwjZgMBqVRPCWtzxnMznXBDlZldJh6yOy+emxIx1CX4ymm5JXm+ENVyDw7PGO
2d5MFis9+rlKNroQUsjDuu+VKOnXywsueK4K8fqoNugu/oaY4vaVJbb/xYHZakMr
jVe6fJJBDgVw7eQ0m4XEr6PR4u1ybn0jZ8DkfMhxMaupJalEeuyvRiy1H0Tjbwv8
eLT7qsaZKuk1sORM0WoH2J6wLi6QayNdOaH1r+xOjKsWVJSraaoh4yZfvDqdlKtk
OCaviAMMDQ3T+ivcpGzb
=Qh9S
-----END PGP SIGNATURE-----
--- End Message ---
