retitle 695251 tomcat7: CVE-2012-4431 CVE-2012-3546

On 12/05/2012 11:49 PM, Moritz Muehlenhoff wrote:
> Package: tomcat7
> Severity: grave
> Tags: security
> Justification: user security hole
> New security issues in Tomcat have been disclosed:

I am retitling this bug as the fix for CVE-2012-4534 is already included
in upstream release 7.0.28.  See the upstream bug report 52858 [1].  I
also verified the affected source file and there's nothing to patch.

The other 2 CVEs are not yet addressed in 7.0.28.

Thank you,


Attachment: signature.asc
Description: OpenPGP digital signature

This is the maintainer address of Debian's Java team
Please use for discussions and questions.

Reply via email to