Package: tomcat6 Severity: grave Tags: security Justification: user security hole
Please see http://tomcat.apache.org/security-6.html Since Wheezy is frozen, please apply isolated security fixes and do not update to a new upstream release. BTW, is it really necessary to have both tomcat6 and tomcat7 in Wheezy? Shouldn't tomcat6 be dropped in favour of tomcat7? Cheers, Moritz _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
