Git : Code : tomcat8 package : Ubuntu

Ubuntu
tomcat8 package

Overview
Code
Bugs
Blueprints
Translations
Answers

View Bazaar branches

Get this repository:: git clone https://git.launchpad.net/ubuntu/+source/tomcat8

Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name	Last Modified	Last Commit
importer/ubuntu/dsc	2019-09-10 17:57:29 UTC 2019-09-10	DSC file for 8.0.32-1ubuntu1.10 Author: Ubuntu Git Importer Author Date: 2019-09-10 17:57:29 UTC DSC file for 8.0.32-1ubuntu1.10
applied/ubuntu/xenial-updates	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-se... Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: d075ed284fac52164623a8f46c71f1dc725cb9c8 Unapplied parent: 3823a8ee5cda941d851cf681f6c4cbd5d5cda414 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
applied/ubuntu/xenial-security	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-se... Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: d075ed284fac52164623a8f46c71f1dc725cb9c8 Unapplied parent: 3823a8ee5cda941d851cf681f6c4cbd5d5cda414 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
applied/ubuntu/xenial-devel	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-se... Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-applied version 8.0.32-1ubuntu1.10 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: d075ed284fac52164623a8f46c71f1dc725cb9c8 Unapplied parent: 3823a8ee5cda941d851cf681f6c4cbd5d5cda414 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
ubuntu/xenial-devel	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: e5b8c0dc428bfbb35556f37b7102ae8c2463ae57 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
ubuntu/bionic-updates	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
ubuntu/bionic-security	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
applied/ubuntu/bionic-devel	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69 Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
applied/ubuntu/bionic-security	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69 Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
applied/ubuntu/bionic-updates	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69 Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
ubuntu/bionic-devel	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec... Author: Maria Emilia Torino Author Date: 2019-09-09 19:47:51 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221 * SECURITY UPDATE: DoS via thread exhaustion - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout handling to connection window exhaustion on write. - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle full allocation case. - CVE-2019-10072
ubuntu/xenial-updates	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: e5b8c0dc428bfbb35556f37b7102ae8c2463ae57 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
ubuntu/xenial-security	2019-09-10 17:33:14 UTC 2019-09-10	Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Author: Maria Emilia Torino Author Date: 2019-09-09 12:49:23 UTC Import patches-unapplied version 8.0.32-1ubuntu1.10 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: e5b8c0dc428bfbb35556f37b7102ae8c2463ae57 New changelog entries: * SECURITY UPDATE: XSS attack on SSI printenv command - debian/patches/CVE-2019-0221.patch: escape debug output to aid readability - CVE-2019-0221
ubuntu/bionic-proposed	2019-06-13 17:18:15 UTC 2019-06-13	Import patches-unapplied version 8.5.39-1ubuntu1~18.04.2 to ubuntu/bionic-pro... Author: Tiago Stürmer Daitx Author Date: 2019-05-09 13:50:49 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.04.2 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 34657f8d9814b583328fc74fddbdd8873ba06c88 New changelog entries: * debian/tomcat8-instance-create: update regex to account for the fact that the shutdown port is set to 8005 as default. LP: #1827090.
applied/ubuntu/bionic-proposed	2019-06-13 17:18:15 UTC 2019-06-13	Import patches-applied version 8.5.39-1ubuntu1~18.04.2 to applied/ubuntu/bion... Author: Tiago Stürmer Daitx Author Date: 2019-05-09 13:50:49 UTC Import patches-applied version 8.5.39-1ubuntu1~18.04.2 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 269fd403db3335f0f4f36e0eabc0cfab8339abfb Unapplied parent: 7c77df5bae8e61dbadb6d5b63ce6db1668dc35e5 New changelog entries: * debian/tomcat8-instance-create: update regex to account for the fact that the shutdown port is set to 8005 as default. LP: #1827090.
ubuntu/cosmic-security	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
ubuntu/cosmic-proposed	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
ubuntu/cosmic-devel	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
applied/ubuntu/cosmic-security	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic... Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: d1b2e524da855429409594bc4921cee48815521a Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1 New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
applied/ubuntu/cosmic-devel	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic... Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: d1b2e524da855429409594bc4921cee48815521a Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1 New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
applied/ubuntu/cosmic-proposed	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic... Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: d1b2e524da855429409594bc4921cee48815521a Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1 New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
ubuntu/cosmic-updates	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
applied/ubuntu/cosmic-updates	2019-04-10 17:07:29 UTC 2019-04-10	Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic... Author: Tiago Stürmer Daitx Author Date: 2019-04-10 05:33:03 UTC Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: d1b2e524da855429409594bc4921cee48815521a Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1 New changelog entries: [ Matthias Klose ] * Backport for OpenJDK 11. LP: #1817567. * tomcat8 now uses systemd service instead of init scripts. See /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.
ubuntu/disco-proposed	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63 New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
applied/ubuntu/devel	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65 Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
applied/ubuntu/disco	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65 Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
applied/ubuntu/disco-devel	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65 Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
applied/ubuntu/disco-proposed	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65 Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
ubuntu/devel	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63 New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
ubuntu/disco	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63 New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
ubuntu/disco-devel	2019-03-26 11:18:15 UTC 2019-03-26	Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Author: Matthias Klose Author Date: 2019-03-26 11:10:55 UTC Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed Imported using git-ubuntu import. Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63 New changelog entries: * Merge with Debian; remaining changes: - d/control: Break/replace tomcat8.0 binaries.
importer/debian/dsc	2019-03-25 16:33:56 UTC 2019-03-25	DSC file for 8.5.39-1 Author: Ubuntu Git Importer Author Date: 2019-03-25 16:33:56 UTC DSC file for 8.5.39-1
applied/debian/experimental	2019-03-25 16:28:14 UTC 2019-03-25	Import patches-applied version 8.5.39-1 to applied/debian/experimental Author: Emmanuel Bourg Author Date: 2019-03-25 09:47:43 UTC Import patches-applied version 8.5.39-1 to applied/debian/experimental Imported using git-ubuntu import. Changelog parent: 07a6e52d02255a18cb8d7035ffe189676fb93574 Unapplied parent: b884991e9d637c83ef5eba28ad83ef89dd76cd2c New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Track and download the new releases from GitHub
debian/experimental	2019-03-25 16:28:14 UTC 2019-03-25	Import patches-unapplied version 8.5.39-1 to debian/experimental Author: Emmanuel Bourg Author Date: 2019-03-25 09:47:43 UTC Import patches-unapplied version 8.5.39-1 to debian/experimental Imported using git-ubuntu import. Changelog parent: b6cc2d19934cb01a947d304ac9d4569c5f00b172 New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Track and download the new releases from GitHub
applied/debian/buster	2019-02-27 04:41:02 UTC 2019-02-27	Import patches-applied version 8.5.38-2 to applied/debian/sid Author: Thorsten Glaser Author Date: 2019-02-26 20:37:51 UTC Import patches-applied version 8.5.38-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 66ae6004d61442a46180b3e0e7610edea84523f9 Unapplied parent: 70cfa98dbc1dfacf73319cc96df65a34062ba1bc New changelog entries: * Team upload. * Apply upstream patch to unbreak the startup script (Closes: #922863)
debian/buster	2019-02-27 04:41:02 UTC 2019-02-27	Import patches-unapplied version 8.5.38-2 to debian/sid Author: Thorsten Glaser Author Date: 2019-02-26 20:37:51 UTC Import patches-unapplied version 8.5.38-2 to debian/sid Imported using git-ubuntu import. Changelog parent: b770602c883d9a905b4b905a10977ae673ad4c1d New changelog entries: * Team upload. * Apply upstream patch to unbreak the startup script (Closes: #922863)
applied/debian/sid	2019-02-27 04:41:02 UTC 2019-02-27	Import patches-applied version 8.5.38-2 to applied/debian/sid Author: Thorsten Glaser Author Date: 2019-02-26 20:37:51 UTC Import patches-applied version 8.5.38-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 66ae6004d61442a46180b3e0e7610edea84523f9 Unapplied parent: 70cfa98dbc1dfacf73319cc96df65a34062ba1bc New changelog entries: * Team upload. * Apply upstream patch to unbreak the startup script (Closes: #922863)
debian/sid	2019-02-27 04:41:02 UTC 2019-02-27	Import patches-unapplied version 8.5.38-2 to debian/sid Author: Thorsten Glaser Author Date: 2019-02-26 20:37:51 UTC Import patches-unapplied version 8.5.38-2 to debian/sid Imported using git-ubuntu import. Changelog parent: b770602c883d9a905b4b905a10977ae673ad4c1d New changelog entries: * Team upload. * Apply upstream patch to unbreak the startup script (Closes: #922863)
ubuntu/xenial-proposed	2019-01-16 12:03:13 UTC 2019-01-16	Import patches-unapplied version 8.0.32-1ubuntu1.9 to ubuntu/xenial-proposed Author: Karl Stenerud Author Date: 2018-12-10 14:08:07 UTC Import patches-unapplied version 8.0.32-1ubuntu1.9 to ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 99fabbf378b9a713124ef689606c1b2b5f8d4e70 New changelog entries: * d/p/fix-class-resource-name-filtering.patch: Fix class and resource name filtering in WebappClassLoader (LP: #1606331).
applied/ubuntu/xenial-proposed	2019-01-16 12:03:13 UTC 2019-01-16	Import patches-applied version 8.0.32-1ubuntu1.9 to applied/ubuntu/xenial-pro... Author: Karl Stenerud Author Date: 2018-12-10 14:08:07 UTC Import patches-applied version 8.0.32-1ubuntu1.9 to applied/ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 260b08ffc3b4689a7f5f1b31045dfbd2f6704f28 Unapplied parent: abf130027e9cd47acdac05a0ab7c3248c15880d4 New changelog entries: * d/p/fix-class-resource-name-filtering.patch: Fix class and resource name filtering in WebappClassLoader (LP: #1606331).
debian/stretch	2018-11-10 17:18:32 UTC 2018-11-10	Import patches-unapplied version 8.5.14-1+deb9u3 to debian/stretch Author: Markus Koschany Author Date: 2018-08-24 19:44:12 UTC Import patches-unapplied version 8.5.14-1+deb9u3 to debian/stretch Imported using git-ubuntu import. Changelog parent: f0364fed3a05e43590126ea5fcf900b56ddfa9e9 New changelog entries: [ Emmanuel Bourg ] * Fixed CVE-2018-1304: Security constraints mapped to context root are ignored. The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. * Fixed CVE-2018-1305: Security constraint annotations applied too late. Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. * Changed the Class-Path manifest entry of tomcat8-jasper.jar to use the specification jars from libtomcat8-java instead of libservlet3.1-java (Closes: #867247) [ Markus Koschany ] * Fix CVE-2018-1336: An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. * Fix CVE-2018-8034: The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. * Fix CVE-2018-8037: If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not correctly track the closure of the connection when an async request was completed by the application and timed out by the container at the same time. This could also result in a user seeing a response intended for another user.
applied/debian/stretch	2018-11-10 17:18:32 UTC 2018-11-10	Import patches-applied version 8.5.14-1+deb9u3 to applied/debian/stretch Author: Markus Koschany Author Date: 2018-08-24 19:44:12 UTC Import patches-applied version 8.5.14-1+deb9u3 to applied/debian/stretch Imported using git-ubuntu import. Changelog parent: 0bd25f59af0183699d5bca56160fdadc2f3740dd Unapplied parent: 6294ec78d682cfb1ea7fca9d7ffcfc719e96932d New changelog entries: [ Emmanuel Bourg ] * Fixed CVE-2018-1304: Security constraints mapped to context root are ignored. The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. * Fixed CVE-2018-1305: Security constraint annotations applied too late. Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. * Changed the Class-Path manifest entry of tomcat8-jasper.jar to use the specification jars from libtomcat8-java instead of libservlet3.1-java (Closes: #867247) [ Markus Koschany ] * Fix CVE-2018-1336: An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. * Fix CVE-2018-8034: The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. * Fix CVE-2018-8037: If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not correctly track the closure of the connection when an async request was completed by the application and timed out by the container at the same time. This could also result in a user seeing a response intended for another user.
applied/ubuntu/cosmic	2018-09-20 08:33:17 UTC 2018-09-20	Import patches-applied version 8.5.34-1ubuntu1 to applied/ubuntu/cosmic-proposed Author: Matthias Klose Author Date: 2018-09-20 08:12:50 UTC Import patches-applied version 8.5.34-1ubuntu1 to applied/ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: df0f9897748f667ca3f0ded0e4f4fbc8c894fda8 Unapplied parent: a6795bc1f71ef13e91485b1580bf2187fba2076c New changelog entries: * Merge from Debian unstable. Remaining changes: - control: Break/replace tomcat8.0 binaries. (LP: #1717998) - support-jre8.diff.
ubuntu/cosmic	2018-09-20 08:33:17 UTC 2018-09-20	Import patches-unapplied version 8.5.34-1ubuntu1 to ubuntu/cosmic-proposed Author: Matthias Klose Author Date: 2018-09-20 08:12:50 UTC Import patches-unapplied version 8.5.34-1ubuntu1 to ubuntu/cosmic-proposed Imported using git-ubuntu import. Changelog parent: 4737d6aef0034e8e7d23189031934fe982bced00 New changelog entries: * Merge from Debian unstable. Remaining changes: - control: Break/replace tomcat8.0 binaries. (LP: #1717998) - support-jre8.diff.
ubuntu/artful-updates	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95 New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
ubuntu/artful-security	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95 New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
applied/ubuntu/artful-updates	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec... Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
ubuntu/artful-devel	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95 New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
applied/ubuntu/artful-security	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec... Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
applied/ubuntu/artful-devel	2018-05-30 19:09:26 UTC 2018-05-30	Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec... Author: Marc Deslauriers Author Date: 2018-05-28 13:03:55 UTC Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security Imported using git-ubuntu import. Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c New changelog entries: * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749) - debian/patches/CVE-2017-12617.patch: add checks to java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/webresources/AbstractFileResourceSet.java, java/org/apache/catalina/webresources/DirResourceSet.java, java/org/apache/tomcat/util/compat/JrePlatform.java, test/org/apache/catalina/webresources/AbstractTestResourceSet.java, test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java. - CVE-2017-12617 * SECURITY UPDATE: incorrectly documented CGI search algorithm - debian/patches/CVE-2017-15706.patch: adjust documentation in webapps/docs/cgi-howto.xml. - CVE-2017-15706 * SECURITY UPDATE: security constraints mapped to context root are ignored - debian/patches/CVE-2018-1304.patch: add check to java/org/apache/catalina/realm/RealmBase.java. - CVE-2018-1304 * SECURITY UPDATE: security constraint annotations applied too late - debian/patches/CVE-2018-1305.patch: change ordering in java/org/apache/catalina/Wrapper.java, java/org/apache/catalina/authenticator/AuthenticatorBase.java, java/org/apache/catalina/core/ApplicationContext.java, java/org/apache/catalina/core/ApplicationServletRegistration.java, java/org/apache/catalina/core/StandardContext.java, java/org/apache/catalina/core/StandardWrapper.java, java/org/apache/catalina/startup/ContextConfig.java, java/org/apache/catalina/startup/Tomcat.java, java/org/apache/catalina/startup/WebAnnotationSet.java. - CVE-2018-1305 * SECURITY UPDATE: CORS filter has insecure defaults - debian/patches/CVE-2018-8014.patch: change defaults in java/org/apache/catalina/filters/CorsFilter.java, java/org/apache/catalina/filters/LocalStrings.properties, test/org/apache/catalina/filters/TestCorsFilter.java, test/org/apache/catalina/filters/TesterFilterConfigs.java. - CVE-2018-8014
applied/ubuntu/bionic	2018-04-19 15:59:14 UTC 2018-04-19	Import patches-applied version 8.5.30-1ubuntu1 to applied/ubuntu/bionic-proposed Author: Timo Aaltonen Author Date: 2018-04-19 11:53:19 UTC Import patches-applied version 8.5.30-1ubuntu1 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: b10e93df8b71ff5e193436278f00ad01910247b9 Unapplied parent: a92e28b95dd5ca91413b323b3c49bb18b4da6b45 New changelog entries: * control: Break/replace tomcat8.0 binaries. (LP: #1717998)
ubuntu/bionic	2018-04-19 15:59:14 UTC 2018-04-19	Import patches-unapplied version 8.5.30-1ubuntu1 to ubuntu/bionic-proposed Author: Timo Aaltonen Author Date: 2018-04-19 11:53:19 UTC Import patches-unapplied version 8.5.30-1ubuntu1 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 5fa6efd6d465677fdae1bc27517674a340cc8a2d New changelog entries: * control: Break/replace tomcat8.0 binaries. (LP: #1717998)
importer/ubuntu/pristine-tar	2018-03-22 15:52:52 UTC 2018-03-22	pristine-tar data for tomcat8_8.5.29.orig.tar.xz Author: Ubuntu Git Importer Author Date: 2018-03-22 15:52:52 UTC pristine-tar data for tomcat8_8.5.29.orig.tar.xz
importer/debian/pristine-tar	2018-03-15 17:51:13 UTC 2018-03-15	pristine-tar data for tomcat8_8.5.29.orig.tar.xz Author: Ubuntu Git Importer Author Date: 2018-03-15 17:51:13 UTC pristine-tar data for tomcat8_8.5.29.orig.tar.xz
applied/ubuntu/zesty-updates	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
ubuntu/zesty-devel	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
applied/ubuntu/zesty-devel	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
applied/ubuntu/zesty-security	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu... Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
ubuntu/zesty-security	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
ubuntu/zesty-updates	2018-01-08 15:33:11 UTC 2018-01-08	Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Author: Marc Deslauriers Author Date: 2017-09-27 21:20:40 UTC Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security Imported using git-ubuntu import. Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2 New changelog entries: * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674
applied/debian/jessie	2017-12-09 17:57:37 UTC 2017-12-09	Import patches-applied version 8.0.14-1+deb8u11 to applied/debian/jessie Author: Sebastien Delafond Author Date: 2017-09-15 11:18:33 UTC Import patches-applied version 8.0.14-1+deb8u11 to applied/debian/jessie Imported using git-ubuntu import. Changelog parent: 5030667b8a2fd232cd52392cf7ee2431681b03c1 Unapplied parent: d3ea47f06ac9c862803455ad23a1028d423f36e8 New changelog entries: * Fix CVE-2017-7674: The CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
debian/jessie	2017-12-09 17:57:37 UTC 2017-12-09	Import patches-unapplied version 8.0.14-1+deb8u11 to debian/jessie Author: Sebastien Delafond Author Date: 2017-09-15 11:18:33 UTC Import patches-unapplied version 8.0.14-1+deb8u11 to debian/jessie Imported using git-ubuntu import. Changelog parent: 95750ce33e7f1b757023f0ac82d00af354758800 New changelog entries: * Fix CVE-2017-7674: The CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
ubuntu/artful-proposed	2017-10-13 12:08:39 UTC 2017-10-13	Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed Author: Robie Basak Author Date: 2017-10-13 11:06:51 UTC Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: 0043fa8fb52ee4ad9afb9be91cd75d3617fe5f3e New changelog entries: * Demote libtcnative-1 from Recommends to Suggests as it is in universe.
applied/ubuntu/artful	2017-10-13 12:08:39 UTC 2017-10-13	Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed Author: Robie Basak Author Date: 2017-10-13 11:06:51 UTC Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: f0b00255f61060fc896d34114b94eb2764535856 Unapplied parent: 2d47a0810ea5b8ffc09a8430f121402ed28bd8b5 New changelog entries: * Demote libtcnative-1 from Recommends to Suggests as it is in universe.
applied/ubuntu/artful-proposed	2017-10-13 12:08:39 UTC 2017-10-13	Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed Author: Robie Basak Author Date: 2017-10-13 11:06:51 UTC Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: f0b00255f61060fc896d34114b94eb2764535856 Unapplied parent: 2d47a0810ea5b8ffc09a8430f121402ed28bd8b5 New changelog entries: * Demote libtcnative-1 from Recommends to Suggests as it is in universe.
ubuntu/artful	2017-10-13 12:08:39 UTC 2017-10-13	Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed Author: Robie Basak Author Date: 2017-10-13 11:06:51 UTC Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed Imported using git-ubuntu import. Changelog parent: 0043fa8fb52ee4ad9afb9be91cd75d3617fe5f3e New changelog entries: * Demote libtcnative-1 from Recommends to Suggests as it is in universe.
ubuntu/yakkety-proposed	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/yakkety-updates	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr... Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4 Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/yakkety-proposed	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr... Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4 Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/yakkety-devel	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr... Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4 Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
ubuntu/yakkety-devel	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
ubuntu/yakkety-updates	2017-05-11 22:18:15 UTC 2017-05-11	Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Author: Joshua Powers Author Date: 2017-03-28 23:46:16 UTC Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed Imported using git-ubuntu import. Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/zesty-proposed	2017-04-11 01:23:16 UTC 2017-04-11	Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed Author: Joshua Powers Author Date: 2017-03-28 23:47:32 UTC Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed Imported using git-ubuntu import. Changelog parent: 94b822743270fec9e1da46dcb3a1a7a92ea08dc8 Unapplied parent: c3066e65134d587314d36bebf16898bbca0bd449 New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/zesty	2017-04-11 01:23:16 UTC 2017-04-11	Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed Author: Joshua Powers Author Date: 2017-03-28 23:47:32 UTC Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed Imported using git-ubuntu import. Changelog parent: 94b822743270fec9e1da46dcb3a1a7a92ea08dc8 Unapplied parent: c3066e65134d587314d36bebf16898bbca0bd449 New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
ubuntu/zesty-proposed	2017-04-11 01:23:16 UTC 2017-04-11	Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed Author: Joshua Powers Author Date: 2017-03-28 23:47:32 UTC Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed Imported using git-ubuntu import. Changelog parent: 8fcde4802291510660959842797a577db834e965 New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
ubuntu/zesty	2017-04-11 01:23:16 UTC 2017-04-11	Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed Author: Joshua Powers Author Date: 2017-03-28 23:47:32 UTC Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed Imported using git-ubuntu import. Changelog parent: 8fcde4802291510660959842797a577db834e965 New changelog entries: * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570).
applied/ubuntu/yakkety-security	2017-01-23 18:13:30 UTC 2017-01-23	Import patches-applied version 8.0.37-1ubuntu0.1 to applied/ubuntu/yakkety-se... Author: Marc Deslauriers Author Date: 2017-01-13 15:48:08 UTC Import patches-applied version 8.0.37-1ubuntu0.1 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: adafa06c2d373b3edaf5d7f39b18a819855c1899 Unapplied parent: 9d9e980d9bf5abe73d5bd348eb507af2e2e88467 New changelog entries: * SECURITY UPDATE: HTTP response injection via invalid characters - debian/patches/CVE-2016-6816.patch: add additional checks for valid characters in java/org/apache/coyote/http11/AbstractInputBuffer.java, java/org/apache/coyote/http11/AbstractNioInputBuffer.java, java/org/apache/coyote/http11/InternalAprInputBuffer.java, java/org/apache/coyote/http11/InternalInputBuffer.java, java/org/apache/coyote/http11/LocalStrings.properties, java/org/apache/tomcat/util/http/parser/HttpParser.java. - CVE-2016-6816 * SECURITY UPDATE: remote code execution via JmxRemoteLifecycleListener - debian/patches/CVE-2016-8735.patch: explicitly configure allowed credential types in java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java. - CVE-2016-8735 * SECURITY UPDATE: information leakage between requests - debian/patches/CVE-2016-8745.patch: properly handle cache when unable to complete sendfile request in java/org/apache/tomcat/util/net/NioEndpoint.java. - CVE-2016-8745 * SECURITY UPDATE: privilege escalation during package upgrade - debian/rules, debian/tomcat8.postinst: properly set permissions on /etc/tomcat8/Catalina/localhost. - CVE-2016-9774 * SECURITY UPDATE: privilege escalation during package removal - debian/tomcat8.postrm.in: don't reset permissions before removing user. - CVE-2016-9775 * debian/tomcat8.init: further hardening.
ubuntu/yakkety-security	2017-01-23 18:13:30 UTC 2017-01-23	Import patches-unapplied version 8.0.37-1ubuntu0.1 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-01-13 15:48:08 UTC Import patches-unapplied version 8.0.37-1ubuntu0.1 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: f250774836a3e9a7ba945f4c2cdabb1cf1950309 New changelog entries: * SECURITY UPDATE: HTTP response injection via invalid characters - debian/patches/CVE-2016-6816.patch: add additional checks for valid characters in java/org/apache/coyote/http11/AbstractInputBuffer.java, java/org/apache/coyote/http11/AbstractNioInputBuffer.java, java/org/apache/coyote/http11/InternalAprInputBuffer.java, java/org/apache/coyote/http11/InternalInputBuffer.java, java/org/apache/coyote/http11/LocalStrings.properties, java/org/apache/tomcat/util/http/parser/HttpParser.java. - CVE-2016-6816 * SECURITY UPDATE: remote code execution via JmxRemoteLifecycleListener - debian/patches/CVE-2016-8735.patch: explicitly configure allowed credential types in java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java. - CVE-2016-8735 * SECURITY UPDATE: information leakage between requests - debian/patches/CVE-2016-8745.patch: properly handle cache when unable to complete sendfile request in java/org/apache/tomcat/util/net/NioEndpoint.java. - CVE-2016-8745 * SECURITY UPDATE: privilege escalation during package upgrade - debian/rules, debian/tomcat8.postinst: properly set permissions on /etc/tomcat8/Catalina/localhost. - CVE-2016-9774 * SECURITY UPDATE: privilege escalation during package removal - debian/tomcat8.postrm.in: don't reset permissions before removing user. - CVE-2016-9775 * debian/tomcat8.init: further hardening.
applied/ubuntu/yakkety	2016-09-19 22:28:06 UTC 2016-09-19	Import patches-applied version 8.0.37-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2016-09-19 07:37:33 UTC Import patches-applied version 8.0.37-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: a51097c2c683da12a1ffc5674a5ca80903b7ae3a Unapplied parent: b26a373625d1c196dd88b8df19cfb0780ed7845d New changelog entries: * Team upload. * New upstream release * Removed 0001-set-UTF-8-as-default-character-encoding.patch (fixed upstream)
ubuntu/yakkety	2016-09-19 22:28:06 UTC 2016-09-19	Import patches-unapplied version 8.0.37-1 to debian/sid Author: Emmanuel Bourg Author Date: 2016-09-19 07:37:33 UTC Import patches-unapplied version 8.0.37-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 37f9d4084595f74b686aa400d6d76ef1e4c10d3f New changelog entries: * Team upload. * New upstream release * Removed 0001-set-UTF-8-as-default-character-encoding.patch (fixed upstream)
applied/ubuntu/xenial	2016-02-19 08:19:05 UTC 2016-02-19	Import patches-applied version 8.0.32-1ubuntu1 to applied/ubuntu/xenial-proposed Author: Nish Aravamudan Author Date: 2016-02-05 08:20:39 UTC Import patches-applied version 8.0.32-1ubuntu1 to applied/ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: 73754489910c3f366987c5f96e446dd1b3e0069b Unapplied parent: 00579dc1bbd12094720bcf702bcd46cba0ecb519 New changelog entries: * Prepare to promote tomcat8 to main (LP: #1539903). - debian/control, 0021-ubuntu-mainize-build-xml.patch: Remove build-dependencies on libobjenesis-java and libeasymock-java, and skip tests that rely on the functionality they provide.
ubuntu/xenial	2016-02-19 08:19:05 UTC 2016-02-19	Import patches-unapplied version 8.0.32-1ubuntu1 to ubuntu/xenial-proposed Author: Nish Aravamudan Author Date: 2016-02-05 08:20:39 UTC Import patches-unapplied version 8.0.32-1ubuntu1 to ubuntu/xenial-proposed Imported using git-ubuntu import. Changelog parent: bc20583702224592a930e782e88b0882f6d88c5f New changelog entries: * Prepare to promote tomcat8 to main (LP: #1539903). - debian/control, 0021-ubuntu-mainize-build-xml.patch: Remove build-dependencies on libobjenesis-java and libeasymock-java, and skip tests that rely on the functionality they provide.
ubuntu/vivid-updates	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece New changelog entries: * fake sync from Debian
applied/ubuntu/vivid-devel	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160 Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff New changelog entries: * fake sync from Debian
applied/ubuntu/vivid-security	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160 Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff New changelog entries: * fake sync from Debian
ubuntu/vivid-devel	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece New changelog entries: * fake sync from Debian
applied/ubuntu/vivid-updates	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160 Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff New changelog entries: * fake sync from Debian
ubuntu/vivid-security	2016-01-04 20:59:06 UTC 2016-01-04	Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi... Author: Tyler Hicks Author Date: 2016-01-04 17:18:56 UTC Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security Imported using git-ubuntu import. Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece New changelog entries: * fake sync from Debian
applied/ubuntu/wily	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-applied version 8.0.26-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-applied version 8.0.26-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8 Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5 New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
ubuntu/wily	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-unapplied version 8.0.26-1 to debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-unapplied version 8.0.26-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
ubuntu/wily-devel	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-unapplied version 8.0.26-1 to debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-unapplied version 8.0.26-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
ubuntu/wily-proposed	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-unapplied version 8.0.26-1 to debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-unapplied version 8.0.26-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
applied/ubuntu/wily-proposed	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-applied version 8.0.26-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-applied version 8.0.26-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8 Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5 New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
applied/ubuntu/wily-devel	2015-08-25 04:18:05 UTC 2015-08-25	Import patches-applied version 8.0.26-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2015-08-23 22:30:40 UTC Import patches-applied version 8.0.26-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8 Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5 New changelog entries: * Team upload. * New upstream release - Refreshed the patches * Changed the authbind configuration to allow IPv6 connections (LP: #1443041) * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed (LP: #1010791) * Fixed a minor HTML error in the default index.html file (LP: #1236132)
ubuntu/vivid	2014-09-29 16:29:32 UTC 2014-09-29	Import patches-unapplied version 8.0.14-1 to debian/sid Author: Emmanuel Bourg Author Date: 2014-09-29 11:23:43 UTC Import patches-unapplied version 8.0.14-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 2fab781499f33207ae62a7c84933b276b6858206 New changelog entries: * New upstream release - Refreshed the patches * Build depend on libcglib3-java instead of libcglib-java * Standards-Version updated to 3.9.6 (no changes)
applied/ubuntu/vivid-proposed	2014-09-29 16:29:32 UTC 2014-09-29	Import patches-applied version 8.0.14-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2014-09-29 11:23:43 UTC Import patches-applied version 8.0.14-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: c73f8148e450648f03ff6659b2e937169ad525c4 Unapplied parent: 19db1857b25ff32994e9f3718eae2c4e4cdc70a6 New changelog entries: * New upstream release - Refreshed the patches * Build depend on libcglib3-java instead of libcglib-java * Standards-Version updated to 3.9.6 (no changes)
applied/ubuntu/vivid	2014-09-29 16:29:32 UTC 2014-09-29	Import patches-applied version 8.0.14-1 to applied/debian/sid Author: Emmanuel Bourg Author Date: 2014-09-29 11:23:43 UTC Import patches-applied version 8.0.14-1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: c73f8148e450648f03ff6659b2e937169ad525c4 Unapplied parent: 19db1857b25ff32994e9f3718eae2c4e4cdc70a6 New changelog entries: * New upstream release - Refreshed the patches * Build depend on libcglib3-java instead of libcglib-java * Standards-Version updated to 3.9.6 (no changes)
ubuntu/vivid-proposed	2014-09-29 16:29:32 UTC 2014-09-29	Import patches-unapplied version 8.0.14-1 to debian/sid Author: Emmanuel Bourg Author Date: 2014-09-29 11:23:43 UTC Import patches-unapplied version 8.0.14-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 2fab781499f33207ae62a7c84933b276b6858206 New changelog entries: * New upstream release - Refreshed the patches * Build depend on libcglib3-java instead of libcglib-java * Standards-Version updated to 3.9.6 (no changes)
ubuntu/utopic-devel	2014-06-25 04:24:57 UTC 2014-06-25	Import patches-unapplied version 8.0.9-1 to debian/sid Author: Emmanuel Bourg Author Date: 2014-06-24 19:28:37 UTC Import patches-unapplied version 8.0.9-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 8b6dc216e873a5612c72aed9908dd8a818f7d496 New changelog entries: [ Emmanuel Bourg ] * New upstream release - Refreshed the patches * Search for OpenJDK 8 and Oracle JDKs when starting the server * Removed the dependency on the non existent java-7-runtime package * Fixed a link still pointing to the Tomcat 7 documentation in README.Debian * Updated the version required for libtcnative-1 (>= 1.1.30) [ tony mancill ] * Update README.Debian with information about migration guides.
ubuntu/utopic	2014-06-25 04:24:57 UTC 2014-06-25	Import patches-unapplied version 8.0.9-1 to debian/sid Author: Emmanuel Bourg Author Date: 2014-06-24 19:28:37 UTC Import patches-unapplied version 8.0.9-1 to debian/sid Imported using git-ubuntu import. Changelog parent: 8b6dc216e873a5612c72aed9908dd8a818f7d496 New changelog entries: [ Emmanuel Bourg ] * New upstream release - Refreshed the patches * Search for OpenJDK 8 and Oracle JDKs when starting the server * Removed the dependency on the non existent java-7-runtime package * Fixed a link still pointing to the Tomcat 7 documentation in README.Debian * Updated the version required for libtcnative-1 (>= 1.1.30) [ tony mancill ] * Update README.Debian with information about migration guides.

Other repositories

Name	Last Modified
lp:ubuntu/+source/tomcat8	2019-09-10
lp:~kstenerud/ubuntu/+source/tomcat8	2019-02-12
lp:~powersj/ubuntu/+source/tomcat8	2017-03-28

You can't create new repositories for tomcat8 in Ubuntu.