tomcat8_8.5.14-1+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

2017-09-23 Thread Debian FTP Masters 


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 03 Sep 2017 19:51:58 +0200
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java 
libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin 
tomcat8-examples tomcat8-docs
Architecture: source all
Version: 8.5.14-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API 
classes
 libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java 
API documenta
 libtomcat8-embed-java - Apache Tomcat 8 - Servlet and JSP engine -- embed 
libraries
 libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries
 tomcat8- Apache Tomcat 8 - Servlet and JSP engine
 tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web 
application
 tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files
 tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation
 tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web 
applicati
 tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user
Changes:
 tomcat8 (8.5.14-1+deb9u2) stretch-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2017-7674:
 The CORS Filter did not add an HTTP Vary header indicating that the
 response varies depending on Origin. This permitted client and server side
 cache poisoning in some circumstances.
   * Fix CVE-2017-7675:
 The HTTP/2 implementation bypassed a number of security checks that
 prevented directory traversal attacks. It was therefore possible to bypass
 security constraints using a specially crafted URL.
Checksums-Sha1:
 ded388cf10f5860360d9da30180b24131f0aab94 3116 tomcat8_8.5.14-1+deb9u2.dsc
 e63fc25dae0d501646ff72f87ac8cfe16481da1a 44256 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 17a93dd040609c0cc71fb6b760d1dd5082a71762 242020 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 5fe4ebb69c914fbcce12c2c7c45e56030680e6ef 393262 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 1a1befad7517aa2d66ab8bbb89404376be9777a9 3870254 
libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 0dd64715e47d3448112993d4647e723f354d2549 4818542 
libtomcat8-java_8.5.14-1+deb9u2_all.deb
 cb1e1d256a57875be351cbe4166729edeb645c33 33290 
tomcat8-admin_8.5.14-1+deb9u2_all.deb
 5b81fe189a69ab4cbb0c2c7424f45bcba9d1fa38 63996 
tomcat8-common_8.5.14-1+deb9u2_all.deb
 664843b8edc95303d00f20c3bbda297b0a7366d0 679772 
tomcat8-docs_8.5.14-1+deb9u2_all.deb
 8c8b867377f99d7040650a513047132188803ef6 188656 
tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3fef7d8520759bfb9c01a71da686e1283b225cf3 38954 
tomcat8-user_8.5.14-1+deb9u2_all.deb
 3daaf9efc334b0424effdb1c98be200141740ff3 51114 tomcat8_8.5.14-1+deb9u2_all.deb
 9ea72a6dc35f3538e1778e2201c5aae111bc3ada 13926 
tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Checksums-Sha256:
 563e32f2b6116837b311f76febcc7ffc965408efc6574c9f4629a692b936e9f2 3116 
tomcat8_8.5.14-1+deb9u2.dsc
 e630de89565cd66a044896578b6d01d38b5d9cbf96034532781f9e140ee17f23 44256 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 3b31715cbd79f7ec903f91c5dd198b013a6450b08a8825337778b9463757e937 242020 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 8dbfe204ce9798e95fb8cd0d5d5063e9b3e11642bd909a591e413b08fcb7cafc 393262 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 6462dd64afdd912ab3a878cdac785ff40e0a79c5f0cf2f9285e18277524826b2 3870254 
libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 c72bc5ffd699d3fa7975c6e4b3a7beec303001bc3d4516bdb98360cfc7cab64d 4818542 
libtomcat8-java_8.5.14-1+deb9u2_all.deb
 9a7412cb962adfa893ffce7f623e77fe7f09f2bb82f9fd6fce1fa42c61548891 33290 
tomcat8-admin_8.5.14-1+deb9u2_all.deb
 93cc3a21239ca967325d2ceb1526bd811b5d74d99ff8db1e35fce597d2c86c0f 63996 
tomcat8-common_8.5.14-1+deb9u2_all.deb
 732025c53f73f0b4b9450c5d6cb90217f12a1abf5e94331f7325db88d09143c0 679772 
tomcat8-docs_8.5.14-1+deb9u2_all.deb
 762cee0c6d50007d63d0e3bd6086bf523582ba0ef409ee1569390bdd139d4f73 188656 
tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3c179b1a7e637ab9f44220aa17976143affc56cf8ca2651dd9d3645f734a1fc9 38954 
tomcat8-user_8.5.14-1+deb9u2_all.deb
 7ff7c8c5a937b8c6abc6a89bb2844da06afa30ba3c2b93994b10d02adeebca18 51114 
tomcat8_8.5.14-1+deb9u2_all.deb
 0050ebcb68a5c8efd195d655cb790a4ac0577da2839f1382a9fe8d3de44b99be 13926 
tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Files:
 8d7e73c6be03748abe683f8272f5f027 3116 java optional tomcat8_8.5.14-1+deb9u2.dsc
 24b01e41005339ba13adec470cceed31 44256 java optional 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 087842f447c09f944414a50bf6db3414 242020 doc optional 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 cf5dfc0ff41a898ff6970e046a8edfb5 393262 java optional 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 65e513a63f86b7c57833c20f939513ae 3870254 java optional

tomcat8_8.5.14-1+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new

2017-09-15 Thread Debian FTP Masters 
Mapping stable-security to proposed-updates.

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 03 Sep 2017 19:51:58 +0200
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java 
libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin 
tomcat8-examples tomcat8-docs
Architecture: source all
Version: 8.5.14-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Java Maintainers 

Changed-By: Markus Koschany 
Description:
 libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API 
classes
 libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java 
API documenta
 libtomcat8-embed-java - Apache Tomcat 8 - Servlet and JSP engine -- embed 
libraries
 libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries
 tomcat8- Apache Tomcat 8 - Servlet and JSP engine
 tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web 
application
 tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files
 tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation
 tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web 
applicati
 tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user
Changes:
 tomcat8 (8.5.14-1+deb9u2) stretch-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2017-7674:
 The CORS Filter did not add an HTTP Vary header indicating that the
 response varies depending on Origin. This permitted client and server side
 cache poisoning in some circumstances.
   * Fix CVE-2017-7675:
 The HTTP/2 implementation bypassed a number of security checks that
 prevented directory traversal attacks. It was therefore possible to bypass
 security constraints using a specially crafted URL.
Checksums-Sha1:
 ded388cf10f5860360d9da30180b24131f0aab94 3116 tomcat8_8.5.14-1+deb9u2.dsc
 e63fc25dae0d501646ff72f87ac8cfe16481da1a 44256 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 17a93dd040609c0cc71fb6b760d1dd5082a71762 242020 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 5fe4ebb69c914fbcce12c2c7c45e56030680e6ef 393262 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 1a1befad7517aa2d66ab8bbb89404376be9777a9 3870254 
libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 0dd64715e47d3448112993d4647e723f354d2549 4818542 
libtomcat8-java_8.5.14-1+deb9u2_all.deb
 cb1e1d256a57875be351cbe4166729edeb645c33 33290 
tomcat8-admin_8.5.14-1+deb9u2_all.deb
 5b81fe189a69ab4cbb0c2c7424f45bcba9d1fa38 63996 
tomcat8-common_8.5.14-1+deb9u2_all.deb
 664843b8edc95303d00f20c3bbda297b0a7366d0 679772 
tomcat8-docs_8.5.14-1+deb9u2_all.deb
 8c8b867377f99d7040650a513047132188803ef6 188656 
tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3fef7d8520759bfb9c01a71da686e1283b225cf3 38954 
tomcat8-user_8.5.14-1+deb9u2_all.deb
 3daaf9efc334b0424effdb1c98be200141740ff3 51114 tomcat8_8.5.14-1+deb9u2_all.deb
 9ea72a6dc35f3538e1778e2201c5aae111bc3ada 13926 
tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Checksums-Sha256:
 563e32f2b6116837b311f76febcc7ffc965408efc6574c9f4629a692b936e9f2 3116 
tomcat8_8.5.14-1+deb9u2.dsc
 e630de89565cd66a044896578b6d01d38b5d9cbf96034532781f9e140ee17f23 44256 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 3b31715cbd79f7ec903f91c5dd198b013a6450b08a8825337778b9463757e937 242020 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 8dbfe204ce9798e95fb8cd0d5d5063e9b3e11642bd909a591e413b08fcb7cafc 393262 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 6462dd64afdd912ab3a878cdac785ff40e0a79c5f0cf2f9285e18277524826b2 3870254 
libtomcat8-embed-java_8.5.14-1+deb9u2_all.deb
 c72bc5ffd699d3fa7975c6e4b3a7beec303001bc3d4516bdb98360cfc7cab64d 4818542 
libtomcat8-java_8.5.14-1+deb9u2_all.deb
 9a7412cb962adfa893ffce7f623e77fe7f09f2bb82f9fd6fce1fa42c61548891 33290 
tomcat8-admin_8.5.14-1+deb9u2_all.deb
 93cc3a21239ca967325d2ceb1526bd811b5d74d99ff8db1e35fce597d2c86c0f 63996 
tomcat8-common_8.5.14-1+deb9u2_all.deb
 732025c53f73f0b4b9450c5d6cb90217f12a1abf5e94331f7325db88d09143c0 679772 
tomcat8-docs_8.5.14-1+deb9u2_all.deb
 762cee0c6d50007d63d0e3bd6086bf523582ba0ef409ee1569390bdd139d4f73 188656 
tomcat8-examples_8.5.14-1+deb9u2_all.deb
 3c179b1a7e637ab9f44220aa17976143affc56cf8ca2651dd9d3645f734a1fc9 38954 
tomcat8-user_8.5.14-1+deb9u2_all.deb
 7ff7c8c5a937b8c6abc6a89bb2844da06afa30ba3c2b93994b10d02adeebca18 51114 
tomcat8_8.5.14-1+deb9u2_all.deb
 0050ebcb68a5c8efd195d655cb790a4ac0577da2839f1382a9fe8d3de44b99be 13926 
tomcat8_8.5.14-1+deb9u2_amd64.buildinfo
Files:
 8d7e73c6be03748abe683f8272f5f027 3116 java optional tomcat8_8.5.14-1+deb9u2.dsc
 24b01e41005339ba13adec470cceed31 44256 java optional 
tomcat8_8.5.14-1+deb9u2.debian.tar.xz
 087842f447c09f944414a50bf6db3414 242020 doc optional 
libservlet3.1-java-doc_8.5.14-1+deb9u2_all.deb
 cf5dfc0ff41a898ff6970e046a8edfb5 393262 java optional 
libservlet3.1-java_8.5.14-1+deb9u2_all.deb
 65e513a63f86b7c57833c20f939513ae 3870254 java