Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 15 Aug 2016 17:38:02 +0200
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java libservlet3.1-java
libservlet3.1-java-doc tomcat8-admin tomcat8-examples tomcat8-docs
Architecture: source all
Version: 8.0.14-1+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Debian Java Maintainers
<pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <a...@debian.org>
Description:
libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API
classes
libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java
API documenta
libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries
tomcat8 - Apache Tomcat 8 - Servlet and JSP engine
tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web
application
tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files
tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation
tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web
applicati
tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user
Closes: 825786
Changes:
tomcat8 (8.0.14-1+deb8u3) jessie-security; urgency=high
.
* Team upload.
* Fix CVE-2016-1240:
tomcat8.init: Protect /var/lib/tomcat8/catalina.out against a symlink
attack and possible root privilege escalation.
* Do not unconditionally overwrite files in /etc/tomcat8 anymore.
(Closes: #825786)
* Change file permissions to 640 for Debian files in /etc/tomcat8.
Checksums-Sha1:
b787a4d3a0c753e8aea7a0ee076ef7e4b5e783ed 2974 tomcat8_8.0.14-1+deb8u3.dsc
f7df627b8810332dc14d38a03b6443e31b1d4f21 51488
tomcat8_8.0.14-1+deb8u3.debian.tar.xz
a2b66307cd6c5dbf4e62e948e0033e25b658c9e4 55928
tomcat8-common_8.0.14-1+deb8u3_all.deb
8a6fd07a7d310ff07711ff62c8a4702bc4c2ca20 45616 tomcat8_8.0.14-1+deb8u3_all.deb
9890ac75ef2fe685280a9177ac48128cb7ef918c 33036
tomcat8-user_8.0.14-1+deb8u3_all.deb
c482cd85082d0e0d7303db3728fff941e242f3ae 4584010
libtomcat8-java_8.0.14-1+deb8u3_all.deb
a0b2dbd8c0570cb5852c92a68a687f544e15994d 390484
libservlet3.1-java_8.0.14-1+deb8u3_all.deb
d734769ae0f2b7b822a245905e8a89b65296f36e 245194
libservlet3.1-java-doc_8.0.14-1+deb8u3_all.deb
2148b3de85a4a7287a0538a2651c3c2874a0ba1f 34470
tomcat8-admin_8.0.14-1+deb8u3_all.deb
724d55a85d02c7ce3fc3371935301f0b60084d5f 192324
tomcat8-examples_8.0.14-1+deb8u3_all.deb
db7b703b7eb73470452fb5426006680ea74d5b43 687728
tomcat8-docs_8.0.14-1+deb8u3_all.deb
Checksums-Sha256:
4cc035fb7c90af3a32fbfe442a38b3156ca4564309c78d10e0c0022413275563 2974
tomcat8_8.0.14-1+deb8u3.dsc
30460d122d7562609f449e5571365552024961fe9ed853691ee57da76c85b650 51488
tomcat8_8.0.14-1+deb8u3.debian.tar.xz
212cfcf2c0a16f978df53ccd8c2bf24886bc811df26c3e1f613d3e1f9f967b72 55928
tomcat8-common_8.0.14-1+deb8u3_all.deb
2a0579e342c8e3529dc875598a991249cf567bb3876b9c222edbd998aa1f5438 45616
tomcat8_8.0.14-1+deb8u3_all.deb
bbc11c9caa712a6c1c7d4deeee2f6f4bb47d9e5d72c1a4978a89628ba76769cf 33036
tomcat8-user_8.0.14-1+deb8u3_all.deb
9553262c98ac0506ff6bb5f48db8b252aa9c28bfdb38c0bdd395fd8920dfe874 4584010
libtomcat8-java_8.0.14-1+deb8u3_all.deb
a0260c64d1dabe60a60c2cc0147e7393dd8762e02db584776cb0b0495ffa1f9d 390484
libservlet3.1-java_8.0.14-1+deb8u3_all.deb
d4a3b7b7c02950d4053b827b5a09f44fd6c3cb7a33b056ef346e202eeac2f59f 245194
libservlet3.1-java-doc_8.0.14-1+deb8u3_all.deb
1ddb4b0c4877913c1eb43fe2d135121f68cd74ecf922bbf933a4afda1c8e660f 34470
tomcat8-admin_8.0.14-1+deb8u3_all.deb
2ebb6c2083a2f9f6f3a2b891035b2f9e51cb1300e18703581f3e7dd0f08f1d6e 192324
tomcat8-examples_8.0.14-1+deb8u3_all.deb
d77db45b6e9161d54f58eb5fed93a5e0092de25da2d80ecc957a3d18185b901b 687728
tomcat8-docs_8.0.14-1+deb8u3_all.deb
Files:
a2aacac1bc97ad751377626a20a6644b 2974 java optional tomcat8_8.0.14-1+deb8u3.dsc
7befb3ce086ead4ff3c568079ff58378 51488 java optional
tomcat8_8.0.14-1+deb8u3.debian.tar.xz
63a860b00c38c8a1292e03941f355a52 55928 java optional
tomcat8-common_8.0.14-1+deb8u3_all.deb
95486ea2629b1b83558646ec9d36d1dd 45616 java optional
tomcat8_8.0.14-1+deb8u3_all.deb
2ead9594f79cc4a991dda97113449a72 33036 java optional
tomcat8-user_8.0.14-1+deb8u3_all.deb
a40da7241683434d1a0e27a30787efa2 4584010 java optional
libtomcat8-java_8.0.14-1+deb8u3_all.deb
dfcc0da1fa51620eb832e666c5c160cd 390484 java optional
libservlet3.1-java_8.0.14-1+deb8u3_all.deb
d089da421e468826020031cdb141de7f 245194 doc optional
libservlet3.1-java-doc_8.0.14-1+deb8u3_all.deb
d62a27e6ee9068f6cec42259ba1aa671 34470 java optional
tomcat8-admin_8.0.14-1+deb8u3_all.deb
8d8738a00e86c4b653716d56a7d07455 192324 java optional
tomcat8-examples_8.0.14-1+deb8u3_all.deb
602065eb7473f89562fb3e41249e597b 687728 doc optional
tomcat8-docs_8.0.14-1+deb8u3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJXseY7XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkdWEQAJnYR8sooQDSZYSw3AFJmsIn
q5vcW9GPmlt+khJ5jX9UP/DEqBno9k2h2ylCOtpk8la0b+v4T3HIDdIEi806pT2N
EfkrAAb88hAcBuFUxFd8SlOnFW8UFAoiONPMGsl5MPtFgb3vvQaDC8svN/zAxxLt
Ze06B2U7IZfd22z4T7NQMgMbvtXjEGcP+Lk26ekxPXgRiCyRVE+nogPW50uleKqP
woPbYuCQtm6KOObUytXgpMHN+RRUIobddkfF8l63XeZRKaAqWXt2p5dmHZAjymCf
F+PoWioStIpi5CnPyz6n0lSvm0tARtwiqILtrgb8VW2EBKD0WnouFPi4o4bT83AK
vIEFC5sPASh96aYKVc/4H8ZxycYvZlbtVF05PebPs4Jm5/CW02O0TSSvTSFWakLO
XJBn1XECiVU+DBdP0zvoqo7+SYMGEAlH4wavSiagpaaFdtrdPnOE3qzxB6gv5uUu
knfuUK17fMk1G4iXCEdmv3h7cGi6VmMx+iNyK85udCm0/e4OTwxZY1yTVt2cMY25
j2TmFXX9qvCQoR1/ktFlf8w1Mg4+iomSYxkY9sUytmPpDjdYaHhuCeVBZXoUAMDf
oQLeCzQXs+ZfTUsqPLweiaBFcDZjRFR6MY/cd8n/i9Z/QpaeEs9Wnw+IlebummnV
vcWI5GB173/Uw9crDd8e
=6qe7
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
Please use
debian-j...@lists.debian.org for discussions and questions.
