Renaming so it doesn't look like the sky is falling in my bug lists.
** Summary changed:
- Security bugs are never fixed in the tomcat packages
+ Outstanding low priority security bugs in the tomcat7 packages
** Changed in: tomcat7 (Ubuntu)
Status: New => Triaged
** Changed in: tomcat7 (
Thanks for reporting this issue.
You can track the security updates for tomcat 7 here:
http://people.canonical.com/~ubuntu-security/cve/pkg/tomcat7.html
CVE-2014-0075, CVE-2014-0096 and CVE-2014-0099 have been published for trusty
in this advisory:
http://www.ubuntu.com/usn/usn-2302-1/
CVE-2014
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0099
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0096
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0075
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0