retitle 695251 tomcat7: CVE-2012-4431 CVE-2012-3546
thanks

On 12/05/2012 11:49 PM, Moritz Muehlenhoff wrote:
> Package: tomcat7
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> New security issues in Tomcat have been disclosed:
> http://tomcat.apache.org/security-7.html

I am retitling this bug as the fix for CVE-2012-4534 is already included
in upstream release 7.0.28.  See the upstream bug report 52858 [1].  I
also verified the affected source file and there's nothing to patch.

The other 2 CVEs are not yet addressed in 7.0.28.

Thank you,
tony

[1] https://issues.apache.org/bugzilla/show_bug.cgi?id=52858

Attachment: signature.asc
Description: OpenPGP digital signature

__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to