tomcat7 7.0.30-0ubuntu1.3 source package in Ubuntu
Changelog
tomcat7 (7.0.30-0ubuntu1.3) quantal-security; urgency=medium * SECURITY UPDATE: request smuggling attack via content-length headers - debian/patches/CVE-2013-4286.patch: use long as content length in java/org/apache/coyote/Request.java, handle multiple content lengths in java/org/apache/coyote/ajp/AbstractAjpProcessor.java, handle content length and chunked encoding being both specified in java/org/apache/coyote/http11/AbstractHttp11Processor.java. - CVE-2013-4286 * SECURITY UPDATE: denial of service via chunked transfer coding - debian/patches/CVE-2013-4322.patch: enforce maximum size in java/org/apache/coyote/http11/{AbstractHttp11Processor.java, AbstractHttp11Protocol.java, Http11AprProcessor.java, Http11AprProtocol.java, Http11NioProcessor.java, Http11NioProtocol.java, Http11Processor.java, Http11Protocol.java}, java/org/apache/coyote/http11/filters/ChunkedInputFilter.java, test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java, webapps/docs/config/http.xml. - CVE-2013-4322 * SECURITY UPDATE: denial of service via malformed content-type header - debian/patches/CVE-2014-0050.patch: validate sizes in java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java, java/org/apache/tomcat/util/http/fileupload/MultipartStream.java. - CVE-2014-0050 * d/p/0018-update-test-certificates.patch: remove binary parts to support newer quilt. -- Marc Deslauriers <email address hidden> Tue, 04 Mar 2014 10:45:20 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Quantal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- java
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tomcat7_7.0.30.orig.tar.gz | 3.8 MiB | 77c92931da577d97bb8c46b75b272f900088a8c92f8b80d5c764e50ebd79ac7c |
tomcat7_7.0.30-0ubuntu1.3.debian.tar.gz | 64.7 KiB | 660cf6204b8cdee2e4585a081dc5d29022f28ac54a6ad4c6d69c7e7884597ee3 |
tomcat7_7.0.30-0ubuntu1.3.dsc | 2.7 KiB | 1c57dc72e2654b9d233bc4347c262a0f8aa07c2748ebde2c93903d97cd51b3ce |
Available diffs
Binary packages built by this source
- libservlet3.0-java: No summary available for libservlet3.0-java in ubuntu quantal.
No description available for libservlet3.0-java in ubuntu quantal.
- libservlet3.0-java-doc: No summary available for libservlet3.0-java-doc in ubuntu quantal.
No description available for libservlet3.
0-java- doc in ubuntu quantal.
- libtomcat7-java: No summary available for libtomcat7-java in ubuntu quantal.
No description available for libtomcat7-java in ubuntu quantal.
- tomcat7: No summary available for tomcat7 in ubuntu quantal.
No description available for tomcat7 in ubuntu quantal.
- tomcat7-admin: No summary available for tomcat7-admin in ubuntu quantal.
No description available for tomcat7-admin in ubuntu quantal.
- tomcat7-common: No summary available for tomcat7-common in ubuntu quantal.
No description available for tomcat7-common in ubuntu quantal.
- tomcat7-docs: No summary available for tomcat7-docs in ubuntu quantal.
No description available for tomcat7-docs in ubuntu quantal.
- tomcat7-examples: No summary available for tomcat7-examples in ubuntu quantal.
No description available for tomcat7-examples in ubuntu quantal.
- tomcat7-user: No summary available for tomcat7-user in ubuntu quantal.
No description available for tomcat7-user in ubuntu quantal.