This bug was fixed in the package tomcat6 - 6.0.28-10ubuntu2.2
---
tomcat6 (6.0.28-10ubuntu2.2) natty-security; urgency=low
* SECURITY UPDATE: information disclosure via log file
- debian/patches/0015-CVE-2011-2204.patch: fix logging in
This bug was fixed in the package tomcat6 - 6.0.28-2ubuntu1.5
---
tomcat6 (6.0.28-2ubuntu1.5) maverick-security; urgency=low
* SECURITY UPDATE: information disclosure via log file
- debian/patches/0015-CVE-2011-2204.patch: fix logging in
This bug was fixed in the package tomcat6 - 6.0.24-2ubuntu1.9
---
tomcat6 (6.0.24-2ubuntu1.9) lucid-security; urgency=low
* SECURITY UPDATE: information disclosure via log file
- debian/patches/0015-CVE-2011-2204.patch: fix logging in
** Branch linked: lp:ubuntu/tomcat6
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass and information
disclosure
To
Removing ubuntu-security-sponsors. tomcat5.5 is processed and tomcat6 is
pending in the security ppa.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190
This bug was fixed in the package tomcat5.5 - 5.5.25-5ubuntu1.3
---
tomcat5.5 (5.5.25-5ubuntu1.3) hardy-security; urgency=low
* SECURITY UPDATE: Apache Tomcat Authentication bypass and information
disclosure (LP: #843701).
-
** Branch linked: lp:ubuntu/hardy-security/tomcat5.5
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass and information
Thanks again for the tomcat5.5 Hardy branch, James! As you probably
noticed, I touched up the changelog a little bit to add in the upstream
author and a link to the upstream patch. Everything else looked great
and the updated package should now be available.
--
You received this bug notification
** Changed in: tomcat5.5 (Ubuntu Hardy)
Status: Confirmed = In Progress
** Changed in: tomcat5.5 (Ubuntu Hardy)
Assignee: (unassigned) = Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in
** Changed in: tomcat6 (Ubuntu Hardy)
Status: In Progress = Invalid
** Changed in: tomcat6 (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: tomcat6 (Ubuntu Maverick)
Status: In Progress = Fix Committed
** Changed in: tomcat6 (Ubuntu Natty)
Status: In
** Also affects: tomcat6 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: tomcat7 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: tomcat6 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: tomcat7 (Ubuntu Lucid)
Branches linked with -security fixes for natty, maverick and lucid.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
Marked tasks for tomcat7 pre Oneiric as 'Invalid' as not present in
earlier releases.
** Changed in: tomcat7 (Ubuntu Natty)
Status: New = Invalid
** Changed in: tomcat7 (Ubuntu Maverick)
Status: New = Invalid
** Changed in: tomcat7 (Ubuntu Lucid)
Status: New = Invalid
**
Branch linked with -security fix for tomcat5.5 in hardy
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass and
** Branch linked: lp:~james-page/ubuntu/hardy/tomcat5.5/CVE-2011-3190
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
Subscribing ubuntu-security-sponsors for the hardy tomcat5.5 update.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
Thanks for the branches. Tomcat6 updates have already been prepared by
the security team, and are currently being tested.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
Unsubscribing ubuntu-security-sponsors since Marc is handling this as
part of his update.
** Changed in: tomcat6 (Ubuntu Lucid)
Status: New = In Progress
** Changed in: tomcat6 (Ubuntu Lucid)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: tomcat6 (Ubuntu
Added tomcat5.5 task and re-subscribed ubuntu-security-sponsors since
there's a tomcat5.5 branch linked here for sponsoring.
** Also affects: tomcat5.5 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: tomcat5.5 (Ubuntu Lucid)
Status: New = Invalid
** Changed in:
** Branch linked: lp:~james-page/ubuntu/hardy/tomcat6/CVE-2011-3190
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
Nominating for SRU in hardy (backports), lucid, maverick and natty
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
** Branch linked: lp:~james-page/ubuntu/oneiric/tomcat6/CVE-2011-3190
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
This bug was fixed in the package tomcat6 - 6.0.32-5ubuntu1
---
tomcat6 (6.0.32-5ubuntu1) oneiric; urgency=low
* Added patch for CVE-2011-3190 (LP: #843701).
-- James Page james.p...@ubuntu.com Thu, 08 Sep 2011 14:45:34 +0100
** Changed in: tomcat6 (Ubuntu)
Status:
New upstream release sync for tomcat7 raised under bug 844745
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass and
tomcat7 was fixed in 7.0.21-1.
** Changed in: tomcat6 (Ubuntu)
Status: New = Confirmed
** Changed in: tomcat7 (Ubuntu)
Status: New = Confirmed
** Changed in: tomcat7 (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member
25 matches
Mail list logo