Your message dated Sat, 08 Dec 2012 04:47:40 +0000
with message-id <e1thckc-0006lu...@franck.debian.org>
and subject line Bug#695250: fixed in tomcat6 6.0.35-6
has caused the Debian Bug report #695250,
regarding tomcat6: CVE-2012-4534 CVE-2012-4431 CVE-2012-3546
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
695250: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695250
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tomcat6
Severity: grave
Tags: security
Justification: user security hole

More Tomcat security issues have been disclosed:
http://tomcat.apache.org/security-6.html

The page contains links to the upstream fixes.

BTW, is there a specific reason why both tomcat6 and tomcat7 are present in 
Wheezy?
This will duplicate all efforts for security updates in Wheezy.

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: tomcat6
Source-Version: 6.0.35-6

We believe that the bug you reported is fixed in the latest version of
tomcat6, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 695...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
tony mancill <tmanc...@debian.org> (supplier of updated tomcat6 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 06 Dec 2012 21:10:11 -0800
Source: tomcat6
Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.4-java 
libservlet2.5-java libservlet2.5-java-doc tomcat6-admin tomcat6-examples 
tomcat6-docs tomcat6-extras
Architecture: source all
Version: 6.0.35-6
Distribution: unstable
Urgency: high
Maintainer: Debian Java Maintainers 
<pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: tony mancill <tmanc...@debian.org>
Description: 
 libservlet2.4-java - Transitional package for libservlet2.5-java
 libservlet2.5-java - Servlet 2.5 and JSP 2.1 Java API classes
 libservlet2.5-java-doc - Servlet 2.5 and JSP 2.1 Java API documentation
 libtomcat6-java - Servlet and JSP engine -- core libraries
 tomcat6    - Servlet and JSP engine
 tomcat6-admin - Servlet and JSP engine -- admin web applications
 tomcat6-common - Servlet and JSP engine -- common files
 tomcat6-docs - Servlet and JSP engine -- documentation
 tomcat6-examples - Servlet and JSP engine -- example web applications
 tomcat6-extras - Servlet and JSP engine -- additional components
 tomcat6-user - Servlet and JSP engine -- tools to create user instances
Closes: 692440 695250
Changes: 
 tomcat6 (6.0.35-6) unstable; urgency=high
 .
   * Acknowledge NMU: 6.0.35-5+nmu1 (Closes: #692440)
     - Thank you to Michael Gilbert.
   * Add patches for the following security issues: (Closes: #695250)
     - CVE-2012-4534, CVE-2012-4431, CVE-2012-3546
Checksums-Sha1: 
 c13aaa9b0bc2823883f6be29eb088787ff666853 2692 tomcat6_6.0.35-6.dsc
 2222d5b0b9e3c4c3ff3d650ad9c2aad799b543d0 51688 tomcat6_6.0.35-6.debian.tar.gz
 3913062050c58ec4b1db35cc6a07c7ea61a60fc6 52826 tomcat6-common_6.0.35-6_all.deb
 3c514f20440986efe49f40c25245fae06d0ca907 40544 tomcat6_6.0.35-6_all.deb
 858f2a90abca9511bf13047e701d25274a9f640a 31430 tomcat6-user_6.0.35-6_all.deb
 b91497e4e1cc024f258d18175c5fb4835027440c 3101344 
libtomcat6-java_6.0.35-6_all.deb
 d83c76425fa7024d980f7280844ef347cc773cf9 13374 
libservlet2.4-java_6.0.35-6_all.deb
 f632dbab7eee663a4fceebd08df90b3c55bbd215 196142 
libservlet2.5-java_6.0.35-6_all.deb
 3ed9687f059915ed75f7eb54adcb1f6b7301f55b 255404 
libservlet2.5-java-doc_6.0.35-6_all.deb
 fd6c6cc55b42bae060874a38f6838af1f44a9b12 48368 tomcat6-admin_6.0.35-6_all.deb
 8835355230d330579e66d9b4ed35e0f4b26ceda7 163418 
tomcat6-examples_6.0.35-6_all.deb
 6cb15c2203f41051e88a7a7b46112ac60ed823e2 567894 tomcat6-docs_6.0.35-6_all.deb
 2b091dd877165b197710d5244903ff4991a63401 13578 tomcat6-extras_6.0.35-6_all.deb
Checksums-Sha256: 
 87ec4d49d7998a99f22434d1a6f858f0ea0808d3668a7058e75f3eb2fec9bc5a 2692 
tomcat6_6.0.35-6.dsc
 d99f35fbc6659d063b24d0601ec3554adbb6150ea31a9a832da83a38539d7b47 51688 
tomcat6_6.0.35-6.debian.tar.gz
 7ce8860323f667d4d342077c3d62553f8daf7f4232c8392b47483fb4634d71a8 52826 
tomcat6-common_6.0.35-6_all.deb
 556ec06b971b5a3fba8fb4d23d81fd0b12e23c3400d1a7eac42564708e8e3e39 40544 
tomcat6_6.0.35-6_all.deb
 b8e18faa318c30cf1dada1af09783557def0bac580792fcd36358e888f5fb918 31430 
tomcat6-user_6.0.35-6_all.deb
 226a1122498b46135342cfe50a39880d3c7462a88cbf782f400b497aaa7995c1 3101344 
libtomcat6-java_6.0.35-6_all.deb
 55d1541c7fb2db0611c456b869d95302d9754086ef036cb57a809803a8d132fb 13374 
libservlet2.4-java_6.0.35-6_all.deb
 18d397bf88811614b43a0c3ed15dae42b1287f3fbaf403275495c31ddd39f885 196142 
libservlet2.5-java_6.0.35-6_all.deb
 96858dc31a568d3a8433d626ef1f414f1c947135e23532cfc987594aefe47a1d 255404 
libservlet2.5-java-doc_6.0.35-6_all.deb
 2004c82c1389105def051dfbc2bdc204203de293422751b455d5e06d84d4ebe3 48368 
tomcat6-admin_6.0.35-6_all.deb
 69e73a88e0244a6de868d0eb0c8076995fa9be91d4d6c85ff55030d86d84c152 163418 
tomcat6-examples_6.0.35-6_all.deb
 673e0621326fef9078228bc8213c75b9761f9b53e6f3396954f48f67c8e40639 567894 
tomcat6-docs_6.0.35-6_all.deb
 e1afd373fdac9152f6926da9310c3e01aa1ea9f7a1e01474ebac9ca3d539cf14 13578 
tomcat6-extras_6.0.35-6_all.deb
Files: 
 d51774e7b47a5c5b4453f125b6df4fb9 2692 java optional tomcat6_6.0.35-6.dsc
 026def29b520e2a0fe0893b2796453ca 51688 java optional 
tomcat6_6.0.35-6.debian.tar.gz
 ffc6ece9cbf33e763f49f86851c2c46e 52826 java optional 
tomcat6-common_6.0.35-6_all.deb
 fc7e784e85c85538f8708f9b329b8a52 40544 java optional tomcat6_6.0.35-6_all.deb
 9e94904b0481729d471c9ef299829e88 31430 java optional 
tomcat6-user_6.0.35-6_all.deb
 a1ded865412bbb3d312daa3ea26fc623 3101344 java optional 
libtomcat6-java_6.0.35-6_all.deb
 7b1d26e1cb3f964052b9a33b2477c297 13374 oldlibs extra 
libservlet2.4-java_6.0.35-6_all.deb
 9aa7b95e1fe84acc99fb2c85e6b80d8f 196142 java optional 
libservlet2.5-java_6.0.35-6_all.deb
 b4d85537c6eb89ed68d5eb8df6c6017d 255404 doc optional 
libservlet2.5-java-doc_6.0.35-6_all.deb
 a31ea0aeb81abe08a53d6aa440ec6a49 48368 java optional 
tomcat6-admin_6.0.35-6_all.deb
 656244c5670884d321c59b32947b7c30 163418 java optional 
tomcat6-examples_6.0.35-6_all.deb
 c24cf41a2457de1db3b52ef32de4d107 567894 doc optional 
tomcat6-docs_6.0.35-6_all.deb
 e317c1e046ef55b5f2b7d8bf8bd45b6f 13578 java optional 
tomcat6-extras_6.0.35-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQwsOyAAoJECHSBYmXSz6WQQYP/23xYZnrFC9RlTF5z0wF+RjH
/ZPFqf5mkQSo1aCn2Xn9mbcwY5H2vVvzgJ4ZXF/QGUeF9WLJYTxXdyncMmfOBs/f
wWVxHVAhLLuQWZQlBkoYdUgp11AJZR0g0fXD5l8TAgg8mznJZ3yiYkrNCnT5HlCH
TmVR1Xz/KrbzscR6mssnFHzNJcoOBW9Yn88fUYUK35IXOCuACtBsSkLPKwClL6G0
ZtFSYWhmdmRhv7KZgcUHoCwADV3ZUkZwMp3lGCoATYu1CAeSxqtl9OLuso8g6CxD
lGo4V/imFmBcviLimDibHCmPEvJzfdWPyv89LYeCSvPE4ulMdjfJgHOqbwMG5pkN
ZV19XDdOm2TOD0dJc9OqPf82GyE2BTrdwUhxdzMVpO7CpC6kLxQh8e/C6Fkg+7OW
rQpnbByWfaTlcc9t2ELEfoOTsvIOFGeT0cBqFR30n/CIvFvI8X0LLnODB2RPu6gP
Yge0Sbcay7BDg7LQ6/YhQNrlN0Ak5MH19OJuq0bU3FL0HXOBUScNnkNImaSeZHow
ZFLjqd7g4q7h07o2JNC4m75QnDIsZZYFLwM+CVbIMNpqvvZqIwEuV4gUTjEcciw8
HHkFyFAB9h6WUDUBhWy7SShvZyfWHLpolA5UW2TGphFvw+5dLFB5R6iF0ER7F1Ak
U1JMcEjFJaYefoj/GXL8
=ilbe
-----END PGP SIGNATURE-----

--- End Message ---
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to