-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2010-07-28 11:45, Niels Thykier wrote: > [...] > > Hey > > I heard from the security team and they would like to do a security upload. > > Already reported: > CVE-2008-5515 [P] > CVE-2009-0033 [P] > CVE-2009-0580 [P] > CVE-2009-0781 [*] > CVE-2009-0783 > > Additonal problems to fix: > CVE-2010-2227 > CVE-2010-1157 [*] > CVE-2010-2902 > CVE-2009-2693 > > I will write back when I am done with a request for review of the patches. > > ~Niels > > [*] Low impact security bug or/and only affects examples. > > [P] Generated patch for it with help from: > http://tomcat.apache.org/security-5.html >
Hi I just heard from the security team, who have prepared the security package and asked if anyone are interested in testing it. You can find the package at [1]; please write back if you have tested it. Thank you in advance, ~Niels [1] http://people.debian.org/~jmm/ It is (probably) not apt compatible, so you have manually download it and use dpkg -i *.deb to install it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREIAAYFAkxsQAgACgkQVCqoiq1YlqyTmgCaAxPVALu9JuUkO3L2JO0mjCaR zKoAniPJbV0Pe2eRB5wGf2bSLUMnHomo =ZZsP -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
