A backport is again available in
It works - but the APR has been changed:
An incompatible version 1.1.22 of the APR based Apache Tomcat Native
library is installed, while Tomcat requires version 1.1.24
So in addition also tomcat-native should be backported
** Summary changed:
- Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
+ Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
[and tomcat-native]
** Description changed:
Please backport tomcat7 7.0.30-0ubuntu1 (main) from raring to precise.
Reason for the backport:
- Currently tomcat7 on precise is 7.0.26
- quantal an roaring providing 7.0.30
+ Currently tomcat7 on precise is 7.0.26 (see linked CVE)
+ quantal is providing 7.0.30 (see some of the linked CVE)
+ raring is providing 7.0.34
In my opinion it would be good to have the most current tomcat7 version also
in precise-backports.
The goal should be providing the latest tomcat7 stable release also via
backports in the LTS release of ubuntu.
+ In addition the old version if affected by some security issues.
The number of fixes is still impressing :-)
https://tomcat.apache.org/tomcat-7.0-doc/changelog.html
+
+
+ NOTE: In tomcat 7.0.34 has the APR library has changed. For satisfying the
runtime dependency tomcat-native should also backported
Testing:
Mark off items in the checklist [X] as you test them, but please leave the
checklist so that backporters can quickly evaluate the state of testing.
You can test-build the backport in your PPA with backportpackage:
$ backportpackage -u ppa:lp username/ppa name -s raring -d precise tomcat7
-- see ppa:dirk-computer42/c42-backport
* precise:
[X] Package builds without modification
[X] tomcat7-common installs cleanly and runs
[X] libservlet3.0-java installs cleanly and runs
[X] tomcat7-docs installs cleanly and runs
[X] libservlet3.0-java-doc installs cleanly and runs
[X] tomcat7 installs cleanly and runs
[X] libtomcat7-java installs cleanly and runs
[X] tomcat7-user installs cleanly and runs
[X] tomcat7-admin installs cleanly and runs
[X] tomcat7-examples installs cleanly and runs
Reverse dependencies:
=
The following reverse-dependencies need to be tested against the new version
of tomcat7. For reverse-build-dependencies (-Indep), please test that the
package still builds against the new tomcat7. For reverse-dependencies, please
test that the version of the package currently in the release still works with
the new tomcat7 installed. Reverse- Recommends, Suggests, and Enhances don't
need to be tested, and are listed for completeness-sake.
tomcat7-common
--
libservlet3.0-java
--
* libjtharness-java
[ ] precise (Reverse-Depends)
* jtharness
[ ] precise (Reverse-Build-Depends-Indep)
tomcat7-docs
libservlet3.0-java-doc
--
tomcat7
---
libtomcat7-java
---
tomcat7-user
tomcat7-admin
-
tomcat7-examples
** Also affects: tomcat7 (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
[and tomcat-native]
+ Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
[and tomcat-native] to fix serious CVE reports
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1073159
Title:
Please backport tomcat7 7.0.34 (main) from raring to precise (and
quantal) [and tomcat-native] to fix serious CVE reports
To manage notifications about this bug go to:
https://bugs.launchpad.net/precise-backports/+bug/1073159/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs