[ubuntu/lucid-security] tomcat6 6.0.24-2ubuntu1.12 (Accepted)

Marc Deslauriers Mon, 14 Jan 2013 05:46:06 -0800

tomcat6 (6.0.24-2ubuntu1.12) lucid-security; urgency=low

  * SECURITY UPDATE: security-constraint bypass with FORM auth
    - debian/patches/CVE-2012-3546.patch: remove unneeded code in
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2012-3546
  * SECURITY UPDATE: denial of service with NIO connector
    - debian/patches/CVE-2012-4534.patch: properly handle connection breaks
      in java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2012-4534


Date: 2013-01-10 15:16:37.412413+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/lucid/+source/tomcat6/6.0.24-2ubuntu1.12

Sorry, changesfile not available.

-- 
Lucid-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

[ubuntu/lucid-security] tomcat6 6.0.24-2ubuntu1.12 (Accepted)

Reply via email to