-
tomcat6 (6.0.39-1ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2014-0075.patch: Fix integer overflow in the
parseChunkHeader function in
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java
- CVE-2014-0075
* SECURITY UPDATE: Bypass security-manager restrictions and read
arbitrary files via a crafted web application that provides an XML
external entity declaration in conjunction with an entity reference.
- debian/patches/CVE-2014-0096.patch: Properly restrict XSLT
stylesheets
- CVE-2014-0096
* SECURITY UPDATE: Fix integer overflow.
- debian/patches/CVE-2014-0099.patch: Fix in
java/org/apache/tomcat/util/buf/Ascii.java
- CVE-2014-0099
* SECURITY UPDATE: Read arbitrary files via a crafted web application
that provides an XML external entity declaration in conjunction with
an entity reference.
- debian/patches/CVE-2014-0119-1.patch: fix in SecurityClassLoad.java
and DefaultServlet.java
- debian/patches/CVE-2014-0119-2.patch: fix in TldConfig.java
- debian/patches/CVE-2014-0119-3.patch: fix in multiple files
- CVE-2014-0119
* SECURITY UPDATE: Add error flag to allow subsequent attempts at
reading after an error to fail fast.
- debian/patches/CVE-2014-0227.patch: fix in ChunkedInputFilter.java
- CVE-2014-0227
* SECURITY UPDATE: DoS (thread consumption) via a series of aborted
upload attempts.
- debian/patches/CVE-2014-0230.patch: add support for maxSwallowSize
- CVE-2014-0230
* SECURITY UPDATE: Bypass a SecurityManager protection mechanism via a
web application that leverages use of incorrect privileges during EL
evaluation.
- debian/patches/CVE-2014-7810-1.patch: fix in BeanELResolver.java
- debian/patches/CVE-2014-7810-2.patch: fix in PageContextImpl.java
and SecurityClassLoad.java
- CVE-2014-7810
* SECURITY UPDATE: Directory traversal vulnerability in RequestUtil.java
- debian/patches/CVE-2015-5174.patch: fix in RequestUtil.java
- CVE-2015-5174
* SECURITY UPDATE: Remote attackers can determine the existence of a
directory via a URL that lacks a trailing slash character.
- debian/patches/CVE-2015-5345-1.patch: fix in multiple files
- debian/patches/CVE-2015-5345-2.patch: fix in multiple files
- CVE-2015-5345
* SECURITY UPDATE: Bypass CSRF protection mechanism by using a token.
- debian/patches/CVE-2015-5351-1.patch: fix in manager application
- debian/patches/CVE-2015-5351-2.patch: fix in host-manager
application
- CVE-2015-5351
* SECURITY UPDATE: Bypass intended SecurityManager restrictions and
read arbitrary HTTP requests, and consequently discover session ID
values, via a crafted web application.
- debian/patches/CVE-2016-0706.patch: fix in
RestrictedServlets.properties
- CVE-2016-0706
* SECURITY UPDATE: Bypass intended SecurityManager restrictions and
execute arbitrary code in a privileged context via a web application
that places a crafted object in a session.
- debian/patches/CVE-2016-0714-1.patch: fix in multiple files.
- debian/patches/CVE-2016-0714-2.patch: fix in multiple files.
- CVE-2016-0714
* SECURITY UPDATE: Possible to determine valid user names.
- debian/patches/CVE-2016-0762.patch: fix in MemoryRealm.java and
RealmBase.java
- CVE-2016-0762
* SECURITY UPDATE: Bypass intended SecurityManager restrictions and
read or write to arbitrary application data, or cause a denial of
service (application disruption), via a web application that sets
a crafted global context.
- debian/patches/CVE-2016-0763.patch: fix in ResourceLinkFactory.java
- CVE-2016-0763
* SECURITY UPDATE: Access to the tomcat account to gain root privileges
via a symlink attack on the Catalina log file.
- debian/tomcat6.init: don't follow symlinks when handling the
catalina.out file.
- CVE-2016-1240
-- Eduardo Barretto <email address hidden> Thu, 11 Oct 2018 18:55:25 -0300
-
tomcat6 (6.0.39-1) unstable; urgency=medium
* Team upload.
* New upstream release.
- Refreshed the patches
* Standards-Version updated to 3.9.5 (no changes)
* Switch to debhelper level 9
* Use XZ compression for the upstream tarball
* Use canonical URL for the Vcs-Git field
-- Emmanuel Bourg <email address hidden> Mon, 17 Feb 2014 00:02:00 +0100
-
tomcat6 (6.0.37-1) unstable; urgency=low
* New upstream release.
- Drop patches for CVE-2012-4534, CVE-2012-4431, CVE-2012-3546,
CVE-2012-2733, CVE-2012-3439
- Drop 0011-CVE-02012-0022-regression-fix.patch
- Drop 0017-eclipse-compiler-update.patch
* Freshened remaining patches.
-- tony mancill <email address hidden> Sat, 03 Aug 2013 21:50:20 -0700
