retitle 695251 tomcat7: CVE-2012-4431 CVE-2012-3546 thanks On 12/05/2012 11:49 PM, Moritz Muehlenhoff wrote: > Package: tomcat7 > Severity: grave > Tags: security > Justification: user security hole > > New security issues in Tomcat have been disclosed: > http://tomcat.apache.org/security-7.html
I am retitling this bug as the fix for CVE-2012-4534 is already included in upstream release 7.0.28. See the upstream bug report 52858 . I also verified the affected source file and there's nothing to patch. The other 2 CVEs are not yet addressed in 7.0.28. Thank you, tony  https://issues.apache.org/bugzilla/show_bug.cgi?id=52858
Description: OpenPGP digital signature
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.