subject:"\[Bug 1115053\] Re\: Parameter Handling Denial of Service in Oneiric"

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-13 Thread Jamie Strandboge

Just to make it easier, please add any extra CVEs for tomcat7 to this bug and create a separate bug for tomcat6. I'll adjust the summary and description. As for CVE-2012-2733, there is no upstream fix that I am aware of, so feel free to skip it (unless you find a patch for it-- if so, please let u

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-10 Thread Christian Kuersteiner

>From CVE-2012-2733 on Precise is affected too. Should I create a new bug for >it or add a future debdiff here? As well some CVEs affect as well tomcat6. Same question: new bug or add here? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubun

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-10 Thread Christian Kuersteiner

Here is an updated debdiff with all the fixes. Please note: CVE-2011-4858 is resolved through patch for CVE-2012-0022. CVE-2012-5568 is seen as a non-issue for tomcat (see http://tomcat.apache.org/security-7.html#Not_a_vulnerability_in_Tomcat) Is the formating of the changelog okay like this? **

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-06 Thread Marc Deslauriers

Unsubscribing ubuntu-security-sponsors for now, please re-subscribe when a new debdiff is available. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115053 Title: Parameter Handling Denial of

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-05 Thread Christian Kuersteiner

Yeah, I will look that I can prepare one debdiff with all the fixes. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115053 Title: Parameter Handling Denial of Service in Oneiric To manage notificat

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-05 Thread Marc Deslauriers

tomcat7 in oneiric is vulnerable to the following CVEs: CVE-2011-3375 CVE-2011-3376 CVE-2011-4858 CVE-2012-0022 CVE-2012-2733 CVE-2012-3546 CVE-2012-4431 CVE-2012-4534 CVE-2012-5568 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 See the CVE tracker for more information: http://people.canonical.com/~ub

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

2013-02-04 Thread Christian Kuersteiner

** Patch added: "lp1115053-oneiric.debdiff" https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1115053/+attachment/3514213/+files/lp1115053-oneiric.debdiff ** Changed in: tomcat7 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ub

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

7 matches

Site Navigation

Mail list logo

Footer information