tomcat7 (7.0.70-3) unstable; urgency=high

  * Team upload.
  * Fixed CVE-2016-1240: A flaw in the init.d startup script allows local
    attackers who have gained access to the server in the context of the
    tomcat user through a vulnerability in a web application to replace
    the catalina.out file with a symlink to an arbitrary file on the system,
    potentially leading to a root privilege escalation.
    Thanks to Dawid Golunski for the report.

Date: 2016-09-16 10:28:43.200633+00:00
Changed-By: Debian Java Maintainers 
Signed-By: LocutusOfBorg <>
Sorry, changesfile not available.
Yakkety-changes mailing list
Modify settings or unsubscribe at:

Reply via email to