Re: tomcat5.5 - the long overdue stable upload
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 2010-07-28 11:45, Niels Thykier wrote:
> [...]
>
> Hey
>
> I heard from the security team and they would like to do a security upload.
>
> Already reported:
> CVE-2008-5515 [P]
> CVE-2009-0033 [P]
> CVE-2009-0580 [P]
> CVE-2009-0781 [*]
> CVE-2009-0783
>
> Additonal problems to fix:
> CVE-2010-2227
> CVE-2010-1157 [*]
> CVE-2010-2902
> CVE-2009-2693
>
> I will write back when I am done with a request for review of the patches.
>
> ~Niels
>
> [*] Low impact security bug or/and only affects examples.
>
> [P] Generated patch for it with help from:
> http://tomcat.apache.org/security-5.html
>
Hi
I just heard from the security team, who have prepared the security
package and asked if anyone are interested in testing it.
You can find the package at [1]; please write back if you have tested it.
Thank you in advance,
~Niels
[1] http://people.debian.org/~jmm/
It is (probably) not apt compatible, so you have manually download it
and use dpkg -i *.deb to install it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEAREIAAYFAkxsQAgACgkQVCqoiq1YlqyTmgCaAxPVALu9JuUkO3L2JO0mjCaR
zKoAniPJbV0Pe2eRB5wGf2bSLUMnHomo
=ZZsP
-----END PGP SIGNATURE-----
Reply to: