Bug#782635: tomcat8-admin: Default upload limit for manager app too small with no way to override

2015-04-15 Thread Dominic Hargreaves
On Wed, Apr 15, 2015 at 11:22:26AM +0100, Dominic Hargreaves wrote: On Wed, Apr 15, 2015 at 12:13:56PM +0200, Emmanuel Bourg wrote: The web.xml file of the manager application is packaged as is, there is no difference with the file distributed upstream. I suggest that you raise this

jenkins REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins source package in Debian's testing distribution has changed. Previous version: 1.565.3-3 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-antisamy-markup-formatter-plugin REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-antisamy-markup-formatter-plugin source package in Debian's testing distribution has changed. Previous version: 1.2-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-instance-identity REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-instance-identity source package in Debian's testing distribution has changed. Previous version: 1.4-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-matrix-auth-plugin REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-matrix-auth-plugin source package in Debian's testing distribution has changed. Previous version: 1.2-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-ssh-cli-auth REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-ssh-cli-auth source package in Debian's testing distribution has changed. Previous version: 1.2-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-matrix-project-plugin REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-matrix-project-plugin source package in Debian's testing distribution has changed. Previous version: 1.3-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-ant-plugin REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-ant-plugin source package in Debian's testing distribution has changed. Previous version: 1.2-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

jenkins-mailer-plugin REMOVED from testing

2015-04-15 Thread Debian testing watch
FYI: The status of the jenkins-mailer-plugin source package in Debian's testing distribution has changed. Previous version: 1.11-1 Current version: (not in testing) Hint: http://release.debian.org/britney/hints/nthykier #2015-04-08; done 2015-04-15 #

Bug#758086: CVE-2014-3577: Apache HttpComponents hostname verification bypass

2015-04-15 Thread Sébastien Delafond
On Apr/15, Markus Koschany wrote: I have prepared a patch for CVE-2014-3577 (commons-httpclient). [1] The patch is identical to the Jessie / Sid fix. Do you consider this vulnerability important enough for a DSA or do you prefer a point release update? Hi Markus, this issue was marked no-dsa

Bug#782660: java-package: Provide a transitional way for the package name

2015-04-15 Thread Bernhard Schmidt
Package: java-package Version: 0.52 Severity: normal Hi, during the 0.52 cycle the package names were changed from (i.e.) oracle-j2re1.7 to oracle-java7-jre While I generally think the new names are cleaner the old package is not replaced by the new package automatically. I

Bug#758086: CVE-2014-3577: Apache HttpComponents hostname verification bypass

2015-04-15 Thread Markus Koschany
Hello security team, I have prepared a patch for CVE-2014-3577 (commons-httpclient). [1] The patch is identical to the Jessie / Sid fix. Do you consider this vulnerability important enough for a DSA or do you prefer a point release update? Regards, Markus [1] https://bugs.debian.org/758086

Bug#782635: tomcat8-admin: Default upload limit for manager app too small with no way to override

2015-04-15 Thread Emmanuel Bourg
Le 15/04/2015 16:05, Dominic Hargreaves a écrit : Here's a useful response from someone on the tomcat-users list, who seems to agree that this is something that should be changed at the Debian side. Here is the link for the reference:

Bug#782635: tomcat8-admin: Default upload limit for manager app too small with no way to override

2015-04-15 Thread Dominic Hargreaves
On Wed, Apr 15, 2015 at 12:13:56PM +0200, Emmanuel Bourg wrote: The web.xml file of the manager application is packaged as is, there is no difference with the file distributed upstream. I suggest that you raise this question on the Tomcat user list, someone should be able to help you with

Bug#782635: tomcat8-admin: Default upload limit for manager app too small with no way to override

2015-04-15 Thread Dominic Hargreaves
Package: tomcat8-admin Version: 8.0.14-1 Severity: normal Hi, I found that the manager app file upload limit was too small for our purposes. As per [1] I've been unable to find a way to override the maximum file upload size defined in web.xml without editing web.xml directly, which is obviously

Bug#782635: tomcat8-admin: Default upload limit for manager app too small with no way to override

2015-04-15 Thread Emmanuel Bourg
Hi Dominic, The web.xml file of the manager application is packaged as is, there is no difference with the file distributed upstream. I suggest that you raise this question on the Tomcat user list, someone should be able to help you with this configuration issue there. I don't think we can do