Accepted tomcat7 7.0.28-4+deb7u5 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 26 Jun 2016 19:23:57 +0200
Source: tomcat7
Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs
Architecture: source all
Version: 7.0.28-4+deb7u5
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes
libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation
libtomcat7-java - Servlet and JSP engine -- core libraries
tomcat7 - Servlet and JSP engine
tomcat7-admin - Servlet and JSP engine -- admin web applications
tomcat7-common - Servlet and JSP engine -- common files
tomcat7-docs - Servlet and JSP engine -- documentation
tomcat7-examples - Servlet and JSP engine -- example web applications
tomcat7-user - Servlet and JSP engine -- tools to create user instances
Changes:
tomcat7 (7.0.28-4+deb7u5) wheezy-security; urgency=high
.
* Team upload.
* Fix CVE-2016-3092.
A denial of service vulnerability was identified in Commons FileUpload that
occurred when the length of the multipart boundary was just below the size
of the buffer (4096 bytes) used to read the uploaded file. This caused the
file upload process to take several orders of magnitude longer than if the
boundary was the typical tens of bytes long. Tomcat's internal fork of
Commons File Upload is also affected.
Checksums-Sha1:
399521e131ff936e482d5857a5fa28c52b8b802c 2777 tomcat7_7.0.28-4+deb7u5.dsc
ecf3d5a35582e8a0f397f24f275ae3e8ce9babd8 128925 tomcat7_7.0.28-4+deb7u5.debian.tar.gz
f6dcd7495a87c95f0f1e99d3f2f5a5c492e8e7a7 64812 tomcat7-common_7.0.28-4+deb7u5_all.deb
a8b3f5d435d2da51ef430179b9a12354ee0fccce 52048 tomcat7_7.0.28-4+deb7u5_all.deb
ec9ba33a777d1c5b7d0861b2c661f7072b84a933 40076 tomcat7-user_7.0.28-4+deb7u5_all.deb
bb459ff658786840c85432df7f136efd89dbf252 3511556 libtomcat7-java_7.0.28-4+deb7u5_all.deb
ab0fa46960c468d868d3db1bd8f4f9d73d4eb27a 306170 libservlet3.0-java_7.0.28-4+deb7u5_all.deb
696a6ac58890d10dedd39d86a11b897ffb16d749 304382 libservlet3.0-java-doc_7.0.28-4+deb7u5_all.deb
e7668367ceee49a83f86d327b286455d156cdde7 52754 tomcat7-admin_7.0.28-4+deb7u5_all.deb
9c70f6173c314d6f2b51f017f11a233246ad9fea 206400 tomcat7-examples_7.0.28-4+deb7u5_all.deb
773c92d13f375d7fc0bdff3dde729c6dc2256e25 647984 tomcat7-docs_7.0.28-4+deb7u5_all.deb
Checksums-Sha256:
6be47e4442b1e2177dbce7511dc64e05e7409efa4534f22132e023c4c3f8f0ba 2777 tomcat7_7.0.28-4+deb7u5.dsc
89d4e1f487c1235cb2a6da0bfdcf3bef54af1445db543b1f13096a703c143467 128925 tomcat7_7.0.28-4+deb7u5.debian.tar.gz
645b738e05a117ffbf747c38aa1ec31110d7757f1d376569691996e8c3252f22 64812 tomcat7-common_7.0.28-4+deb7u5_all.deb
97437780ca5933cf3efab41756ff9e0bbf93077cb5f20fd30c5268c9ce0021dd 52048 tomcat7_7.0.28-4+deb7u5_all.deb
3725fa64b1019d03efcadbfdfed0236f9e5254e6c483c474d55e0e2e2d23cd9b 40076 tomcat7-user_7.0.28-4+deb7u5_all.deb
ba2c5f356f6cbe630364efb1f7a421f94c5779d3d63ba414ee3062c179e3504b 3511556 libtomcat7-java_7.0.28-4+deb7u5_all.deb
fb1c46322366c3967e3074bebf24bec430267df83a2b541c879fba4219275f0b 306170 libservlet3.0-java_7.0.28-4+deb7u5_all.deb
5155f0eb5359a1ca9f6e1e71bbf5467d5339025e9edc3d12a7c16674c2fe999e 304382 libservlet3.0-java-doc_7.0.28-4+deb7u5_all.deb
86880df6746bcfee9f96895c7c438612c0930247943c04b4b8bc071475068d9e 52754 tomcat7-admin_7.0.28-4+deb7u5_all.deb
c78a7daef4981cee880c83bd135158dabfbc0652a09686fef5c848ba6993a18c 206400 tomcat7-examples_7.0.28-4+deb7u5_all.deb
06a2720b85309d0572acc5d4a15b21edb96dc05fa930c2e45b4e325e2387c8d0 647984 tomcat7-docs_7.0.28-4+deb7u5_all.deb
Files:
5ecf326656bf71b8ed5c33534521411b 2777 java optional tomcat7_7.0.28-4+deb7u5.dsc
49acdc682f147ceb1474d63d0c5847ce 128925 java optional tomcat7_7.0.28-4+deb7u5.debian.tar.gz
94020e198090736770001b11ef8c1e41 64812 java optional tomcat7-common_7.0.28-4+deb7u5_all.deb
544f797131117994455f4a8e4a7518b0 52048 java optional tomcat7_7.0.28-4+deb7u5_all.deb
71eea9197d1dd3c7506b4b6b80340ad9 40076 java optional tomcat7-user_7.0.28-4+deb7u5_all.deb
0a32c3178aa54b281bb9c4fac83f2fab 3511556 java optional libtomcat7-java_7.0.28-4+deb7u5_all.deb
13bcff283b433f83fcd31c7857afa0a4 306170 java optional libservlet3.0-java_7.0.28-4+deb7u5_all.deb
44f16fd3ed40eb39029329b1938bdef8 304382 doc optional libservlet3.0-java-doc_7.0.28-4+deb7u5_all.deb
616c05e230e71752da06304608c4f659 52754 java optional tomcat7-admin_7.0.28-4+deb7u5_all.deb
d51934c1860fd9448b4d2b0671f05595 206400 java optional tomcat7-examples_7.0.28-4+deb7u5_all.deb
c8f0ce318b988ca23578e512c6512a0b 647984 doc optional tomcat7-docs_7.0.28-4+deb7u5_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQJ8BAEBCgBmBQJXcBoMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkHyYP/3wY7lWzoUt9wQ1ukcj9t11d
3rokj/lqIgKdJpw2gHcfCeGFpBxHbHA365R1HfHgx5N6o49Ry15uKQHTfrQ/bGgX
JWWtf4z+aPW500pv3Elabr3z7QBpwd0KgiTrVSKEEVQAmDJhqt2B1/urxiB+PFyw
nMM6PTU823k1bUpnhJnv0alYYvQBNKWVwkHo9kU4TIrgGB3mW7aXy/89HJoFj2Nm
ex9kLlTyPnoXJjP6JT8v/CWam8ct+bLc8kHAE2rZL3hoz5FVW97p1Tdwjgwcqbda
GojWsw7cN/oH8/FQW3ZS9lgiqqYtHP3/NTsKeQRKZx+CoW9i7aNnK6vkyyoHljqE
ZhPlixo20robdh/W8dV6FO02M4mcEZH917ttBxJaxa/7q4pe6bU+zi5NJF7YgLp4
LgvIRcm5Sx42/e+r7B2C67Qrb+IQXC1ThyKiPx8rREYVLeA6fyPFhLywYnKGuPYN
0GBbjJ96wvrWvM5V7bSqC6R0i8b8xa23gWTrOPYWxJ7TipMhTl/oGmFIHcl/lE2l
7W7jtzM6Z5q+IcEZJdzD//31qSFPuivFoqpD5aURTdkrLZw00kABJ9nBJHlxFHIQ
e/YoWlB0kHDACF67OO0ZJYRUh8Ib6lxfS1uzwnj3eFpe9bzuIQwKxO9DbeDhGe9i
e/0jObRZiM+8FXxb1Q23
=vlT6
-----END PGP SIGNATURE-----
Reply to: