View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/tomcat8
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/debian/dsc 2020-02-08 19:26:12 UTC 2020-02-08
DSC file for 8.5.50-0+deb9u1

Author: Ubuntu Git Importer
Author Date: 2020-02-08 19:26:12 UTC

DSC file for 8.5.50-0+deb9u1

applied/debian/stretch 2020-02-08 17:59:38 UTC 2020-02-08
Import patches-applied version 8.5.50-0+deb9u1 to applied/debian/stretch

Author: Markus Koschany
Author Date: 2019-12-23 22:40:00 UTC

Import patches-applied version 8.5.50-0+deb9u1 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 19ad30f46857e517fac4f3ee380ddd89de640d8c
Unapplied parent: e25b413438f8e6c9ce3431f86aaea20dbffaa23f

New changelog entries:
  * Team upload.
  * Fix CVE-2018-11784, CVE-2018-8014, CVE-2019-0199, CVE-2019-0221,
    CVE-2019-12418, CVE-2019-17563.
    Several security vulnerabilities were found in Tomcat 8 that may lead to
    denial-of-service or local privilege escalation.

debian/stretch 2020-02-08 17:59:38 UTC 2020-02-08
Import patches-unapplied version 8.5.50-0+deb9u1 to debian/stretch

Author: Markus Koschany
Author Date: 2019-12-23 22:40:00 UTC

Import patches-unapplied version 8.5.50-0+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 366923c7f7b853e106217f96a6abc96d2cd891cb

New changelog entries:
  * Team upload.
  * Fix CVE-2018-11784, CVE-2018-8014, CVE-2019-0199, CVE-2019-0221,
    CVE-2019-12418, CVE-2019-17563.
    Several security vulnerabilities were found in Tomcat 8 that may lead to
    denial-of-service or local privilege escalation.

importer/ubuntu/dsc 2020-01-27 16:04:26 UTC 2020-01-27
DSC file for 8.0.32-1ubuntu1.11

Author: Ubuntu Git Importer
Author Date: 2020-01-27 16:04:26 UTC

DSC file for 8.0.32-1ubuntu1.11

applied/ubuntu/xenial-devel 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: aed6e23c7751b48b2bf10e344cb3920027b2042d
Unapplied parent: 596fc7401a404afa7be916269781fdf6e0b64fca

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

ubuntu/xenial-updates 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1ed3855f4d41d2f58f634b2f26027fa1b9fb9fe8

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

ubuntu/xenial-security 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1ed3855f4d41d2f58f634b2f26027fa1b9fb9fe8

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

ubuntu/xenial-devel 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-unapplied version 8.0.32-1ubuntu1.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1ed3855f4d41d2f58f634b2f26027fa1b9fb9fe8

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

applied/ubuntu/xenial-security 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: aed6e23c7751b48b2bf10e344cb3920027b2042d
Unapplied parent: 596fc7401a404afa7be916269781fdf6e0b64fca

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

applied/ubuntu/xenial-updates 2020-01-27 15:01:58 UTC 2020-01-27
Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2020-01-24 11:24:30 UTC

Import patches-applied version 8.0.32-1ubuntu1.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: aed6e23c7751b48b2bf10e344cb3920027b2042d
Unapplied parent: 596fc7401a404afa7be916269781fdf6e0b64fca

New changelog entries:
  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

ubuntu/bionic-security 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

applied/ubuntu/bionic-devel 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69
Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

applied/ubuntu/bionic-security 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69
Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

applied/ubuntu/bionic-updates 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bion...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.04.3 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: aed56a6d7e71c64c8b51f0c03d521e250cdf3e69
Unapplied parent: 5be6ebe0e2db2899174913501c38f0c7ea115475

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

ubuntu/bionic-devel 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

ubuntu/bionic-updates 2019-09-10 17:33:14 UTC 2019-09-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-sec...

Author: Maria Emilia Torino
Author Date: 2019-09-09 19:47:51 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.04.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: a5f279c863c95b8b664c30c44ca28b1407f4f36c

New changelog entries:
  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

applied/ubuntu/bionic-proposed 2019-06-13 17:18:15 UTC 2019-06-13
Import patches-applied version 8.5.39-1ubuntu1~18.04.2 to applied/ubuntu/bion...

Author: Tiago Stürmer Daitx
Author Date: 2019-05-09 13:50:49 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.04.2 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 269fd403db3335f0f4f36e0eabc0cfab8339abfb
Unapplied parent: 7c77df5bae8e61dbadb6d5b63ce6db1668dc35e5

New changelog entries:
  * debian/tomcat8-instance-create: update regex to account for the fact that
    the shutdown port is set to 8005 as default. LP: #1827090.

ubuntu/bionic-proposed 2019-06-13 17:18:15 UTC 2019-06-13
Import patches-unapplied version 8.5.39-1ubuntu1~18.04.2 to ubuntu/bionic-pro...

Author: Tiago Stürmer Daitx
Author Date: 2019-05-09 13:50:49 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.04.2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 34657f8d9814b583328fc74fddbdd8873ba06c88

New changelog entries:
  * debian/tomcat8-instance-create: update regex to account for the fact that
    the shutdown port is set to 8005 as default. LP: #1827090.

applied/ubuntu/cosmic-security 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic...

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: d1b2e524da855429409594bc4921cee48815521a
Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

applied/ubuntu/cosmic-updates 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic...

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: d1b2e524da855429409594bc4921cee48815521a
Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

ubuntu/cosmic-devel 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

applied/ubuntu/cosmic-devel 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic...

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: d1b2e524da855429409594bc4921cee48815521a
Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

ubuntu/cosmic-security 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

ubuntu/cosmic-proposed 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

ubuntu/cosmic-updates 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-unapplied version 8.5.39-1ubuntu1~18.10 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 3b169a255f50e6ef1093d5cfb3b80dd1c406eedb

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

applied/ubuntu/cosmic-proposed 2019-04-10 17:07:29 UTC 2019-04-10
Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic...

Author: Tiago Stürmer Daitx
Author Date: 2019-04-10 05:33:03 UTC

Import patches-applied version 8.5.39-1ubuntu1~18.10 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: d1b2e524da855429409594bc4921cee48815521a
Unapplied parent: 056cd5eaebcf369fb92e67eb47cf367a3c397cd1

New changelog entries:
  [ Matthias Klose ]
  * Backport for OpenJDK 11. LP: #1817567.
  * tomcat8 now uses systemd service instead of init scripts. See
    /usr/share/doc/tomcat8/NEWS.gz. LP: #1819721.

ubuntu/disco-proposed 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

applied/ubuntu/devel 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65
Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

applied/ubuntu/disco 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65
Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

applied/ubuntu/disco-devel 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65
Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

applied/ubuntu/disco-proposed 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-applied version 8.5.39-1ubuntu1 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b22f9888401c62cb222f009b1d3df6088ee2df65
Unapplied parent: c385a34fd6e104e07bdb670ca79395263ed8ccfc

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

ubuntu/devel 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

ubuntu/disco 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

ubuntu/disco-devel 2019-03-26 11:18:15 UTC 2019-03-26
Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Author: Matthias Klose
Author Date: 2019-03-26 11:10:55 UTC

Import patches-unapplied version 8.5.39-1ubuntu1 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2705029d45ad3f8a2903f3596b0ac320f559de63

New changelog entries:
  * Merge with Debian; remaining changes:
    - d/control: Break/replace tomcat8.0 binaries.

applied/debian/experimental 2019-03-25 16:28:14 UTC 2019-03-25
Import patches-applied version 8.5.39-1 to applied/debian/experimental

Author: Emmanuel Bourg
Author Date: 2019-03-25 09:47:43 UTC

Import patches-applied version 8.5.39-1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: 07a6e52d02255a18cb8d7035ffe189676fb93574
Unapplied parent: b884991e9d637c83ef5eba28ad83ef89dd76cd2c

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Track and download the new releases from GitHub

debian/experimental 2019-03-25 16:28:14 UTC 2019-03-25
Import patches-unapplied version 8.5.39-1 to debian/experimental

Author: Emmanuel Bourg
Author Date: 2019-03-25 09:47:43 UTC

Import patches-unapplied version 8.5.39-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: b6cc2d19934cb01a947d304ac9d4569c5f00b172

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Track and download the new releases from GitHub

applied/debian/buster 2019-02-27 04:41:02 UTC 2019-02-27
Import patches-applied version 8.5.38-2 to applied/debian/sid

Author: Thorsten Glaser
Author Date: 2019-02-26 20:37:51 UTC

Import patches-applied version 8.5.38-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 66ae6004d61442a46180b3e0e7610edea84523f9
Unapplied parent: 70cfa98dbc1dfacf73319cc96df65a34062ba1bc

New changelog entries:
  * Team upload.
  * Apply upstream patch to unbreak the startup script (Closes: #922863)

debian/buster 2019-02-27 04:41:02 UTC 2019-02-27
Import patches-unapplied version 8.5.38-2 to debian/sid

Author: Thorsten Glaser
Author Date: 2019-02-26 20:37:51 UTC

Import patches-unapplied version 8.5.38-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b770602c883d9a905b4b905a10977ae673ad4c1d

New changelog entries:
  * Team upload.
  * Apply upstream patch to unbreak the startup script (Closes: #922863)

debian/sid 2019-02-27 04:41:02 UTC 2019-02-27
Import patches-unapplied version 8.5.38-2 to debian/sid

Author: Thorsten Glaser
Author Date: 2019-02-26 20:37:51 UTC

Import patches-unapplied version 8.5.38-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b770602c883d9a905b4b905a10977ae673ad4c1d

New changelog entries:
  * Team upload.
  * Apply upstream patch to unbreak the startup script (Closes: #922863)

applied/debian/sid 2019-02-27 04:41:02 UTC 2019-02-27
Import patches-applied version 8.5.38-2 to applied/debian/sid

Author: Thorsten Glaser
Author Date: 2019-02-26 20:37:51 UTC

Import patches-applied version 8.5.38-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 66ae6004d61442a46180b3e0e7610edea84523f9
Unapplied parent: 70cfa98dbc1dfacf73319cc96df65a34062ba1bc

New changelog entries:
  * Team upload.
  * Apply upstream patch to unbreak the startup script (Closes: #922863)

applied/ubuntu/xenial-proposed 2019-01-16 12:03:13 UTC 2019-01-16
Import patches-applied version 8.0.32-1ubuntu1.9 to applied/ubuntu/xenial-pro...

Author: Karl Stenerud
Author Date: 2018-12-10 14:08:07 UTC

Import patches-applied version 8.0.32-1ubuntu1.9 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 260b08ffc3b4689a7f5f1b31045dfbd2f6704f28
Unapplied parent: abf130027e9cd47acdac05a0ab7c3248c15880d4

New changelog entries:
  * d/p/fix-class-resource-name-filtering.patch: Fix class and resource name
    filtering in WebappClassLoader (LP: #1606331).

ubuntu/xenial-proposed 2019-01-16 12:03:13 UTC 2019-01-16
Import patches-unapplied version 8.0.32-1ubuntu1.9 to ubuntu/xenial-proposed

Author: Karl Stenerud
Author Date: 2018-12-10 14:08:07 UTC

Import patches-unapplied version 8.0.32-1ubuntu1.9 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 99fabbf378b9a713124ef689606c1b2b5f8d4e70

New changelog entries:
  * d/p/fix-class-resource-name-filtering.patch: Fix class and resource name
    filtering in WebappClassLoader (LP: #1606331).

ubuntu/cosmic 2018-09-20 08:33:17 UTC 2018-09-20
Import patches-unapplied version 8.5.34-1ubuntu1 to ubuntu/cosmic-proposed

Author: Matthias Klose
Author Date: 2018-09-20 08:12:50 UTC

Import patches-unapplied version 8.5.34-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4737d6aef0034e8e7d23189031934fe982bced00

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - control: Break/replace tomcat8.0 binaries. (LP: #1717998)
    - support-jre8.diff.

applied/ubuntu/cosmic 2018-09-20 08:33:17 UTC 2018-09-20
Import patches-applied version 8.5.34-1ubuntu1 to applied/ubuntu/cosmic-proposed

Author: Matthias Klose
Author Date: 2018-09-20 08:12:50 UTC

Import patches-applied version 8.5.34-1ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: df0f9897748f667ca3f0ded0e4f4fbc8c894fda8
Unapplied parent: a6795bc1f71ef13e91485b1580bf2187fba2076c

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - control: Break/replace tomcat8.0 binaries. (LP: #1717998)
    - support-jre8.diff.

ubuntu/artful-updates 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

applied/ubuntu/artful-updates 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a
Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

applied/ubuntu/artful-devel 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a
Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

applied/ubuntu/artful-security 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-sec...

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-applied version 8.5.21-1ubuntu1.1 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 39d96847e9c9bca7384b7535d6609062bb106f1a
Unapplied parent: 9da9844d224a211355cca4db0dbac78253be234c

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

ubuntu/artful-security 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

ubuntu/artful-devel 2018-05-30 19:09:26 UTC 2018-05-30
Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-05-28 13:03:55 UTC

Import patches-unapplied version 8.5.21-1ubuntu1.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 1313f8e759ef627af59f2187b35a5e4ebc7f0d95

New changelog entries:
  * SECURITY UPDATE: missing checks when HTTP PUTs enabled (LP: #1721749)
    - debian/patches/CVE-2017-12617.patch: add checks to
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/webresources/AbstractFileResourceSet.java,
      java/org/apache/catalina/webresources/DirResourceSet.java,
      java/org/apache/tomcat/util/compat/JrePlatform.java,
      test/org/apache/catalina/webresources/AbstractTestResourceSet.java,
      test/org/apache/catalina/webresources/TestAbstractFileResourceSetPerformance.java.
    - CVE-2017-12617
  * SECURITY UPDATE: incorrectly documented CGI search algorithm
    - debian/patches/CVE-2017-15706.patch: adjust documentation in
      webapps/docs/cgi-howto.xml.
    - CVE-2017-15706
  * SECURITY UPDATE: security constraints mapped to context root are ignored
    - debian/patches/CVE-2018-1304.patch: add check to
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2018-1304
  * SECURITY UPDATE: security constraint annotations applied too late
    - debian/patches/CVE-2018-1305.patch: change ordering in
      java/org/apache/catalina/Wrapper.java,
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/core/ApplicationContext.java,
      java/org/apache/catalina/core/ApplicationServletRegistration.java,
      java/org/apache/catalina/core/StandardContext.java,
      java/org/apache/catalina/core/StandardWrapper.java,
      java/org/apache/catalina/startup/ContextConfig.java,
      java/org/apache/catalina/startup/Tomcat.java,
      java/org/apache/catalina/startup/WebAnnotationSet.java.
    - CVE-2018-1305
  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

applied/ubuntu/bionic 2018-04-19 15:59:14 UTC 2018-04-19
Import patches-applied version 8.5.30-1ubuntu1 to applied/ubuntu/bionic-proposed

Author: Timo Aaltonen
Author Date: 2018-04-19 11:53:19 UTC

Import patches-applied version 8.5.30-1ubuntu1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: b10e93df8b71ff5e193436278f00ad01910247b9
Unapplied parent: a92e28b95dd5ca91413b323b3c49bb18b4da6b45

New changelog entries:
  * control: Break/replace tomcat8.0 binaries. (LP: #1717998)

ubuntu/bionic 2018-04-19 15:59:14 UTC 2018-04-19
Import patches-unapplied version 8.5.30-1ubuntu1 to ubuntu/bionic-proposed

Author: Timo Aaltonen
Author Date: 2018-04-19 11:53:19 UTC

Import patches-unapplied version 8.5.30-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 5fa6efd6d465677fdae1bc27517674a340cc8a2d

New changelog entries:
  * control: Break/replace tomcat8.0 binaries. (LP: #1717998)

importer/ubuntu/pristine-tar 2018-03-22 15:52:52 UTC 2018-03-22
pristine-tar data for tomcat8_8.5.29.orig.tar.xz

Author: Ubuntu Git Importer
Author Date: 2018-03-22 15:52:52 UTC

pristine-tar data for tomcat8_8.5.29.orig.tar.xz

importer/debian/pristine-tar 2018-03-15 17:51:13 UTC 2018-03-15
pristine-tar data for tomcat8_8.5.29.orig.tar.xz

Author: Ubuntu Git Importer
Author Date: 2018-03-15 17:51:13 UTC

pristine-tar data for tomcat8_8.5.29.orig.tar.xz

ubuntu/zesty-devel 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

ubuntu/zesty-security 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

applied/ubuntu/zesty-devel 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b
Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

applied/ubuntu/zesty-security 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b
Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

applied/ubuntu/zesty-updates 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-secu...

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-applied version 8.0.38-2ubuntu2.2 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 1d1f35d9a08ed6ab2924a9afdea4f1cf99ccdb7b
Unapplied parent: 33665c0987c059a698780337970bfa91b2eabfd4

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

ubuntu/zesty-updates 2018-01-08 15:33:11 UTC 2018-01-08
Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-09-27 21:20:40 UTC

Import patches-unapplied version 8.0.38-2ubuntu2.2 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b66d69c49a35f4f34c5a2df6827333ac051c9cb2

New changelog entries:
  * SECURITY UPDATE: loss of pipeline requests
    - debian/patches/CVE-2017-5647.patch: improve sendfile handling when
      requests are pipelined in
      java/org/apache/coyote/AbstractProtocol.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11Nio2Processor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/Nio2Endpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java,
      java/org/apache/tomcat/util/net/SendfileKeepAliveState.java.
    - CVE-2017-5647
  * SECURITY UPDATE: incorrect facade object use
    - debian/patches/CVE-2017-5648.patch: ensure request and response
      facades are used when firing application listeners in
      java/org/apache/catalina/authenticator/FormAuthenticator.java,
      java/org/apache/catalina/core/StandardHostValve.java.
    - CVE-2017-5648
  * SECURITY UPDATE: unexpected and undesirable results for static error
    pages
    - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/WebdavServlet.java.
    - CVE-2017-5664
  * SECURITY UPDATE: client and server side cache poisoning in CORS filter
    - debian/patches/CVE-2017-7674.patch: set Vary header in response in
      java/org/apache/catalina/filters/CorsFilter.java.
    - CVE-2017-7674

debian/jessie 2017-12-09 17:57:37 UTC 2017-12-09
Import patches-unapplied version 8.0.14-1+deb8u11 to debian/jessie

Author: Sebastien Delafond
Author Date: 2017-09-15 11:18:33 UTC

Import patches-unapplied version 8.0.14-1+deb8u11 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 95750ce33e7f1b757023f0ac82d00af354758800

New changelog entries:
  * Fix CVE-2017-7674:
    The CORS Filter did not add an HTTP Vary header indicating that the
    response varies depending on Origin. This permitted client and server side
    cache poisoning in some circumstances.

applied/debian/jessie 2017-12-09 17:57:37 UTC 2017-12-09
Import patches-applied version 8.0.14-1+deb8u11 to applied/debian/jessie

Author: Sebastien Delafond
Author Date: 2017-09-15 11:18:33 UTC

Import patches-applied version 8.0.14-1+deb8u11 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 5030667b8a2fd232cd52392cf7ee2431681b03c1
Unapplied parent: d3ea47f06ac9c862803455ad23a1028d423f36e8

New changelog entries:
  * Fix CVE-2017-7674:
    The CORS Filter did not add an HTTP Vary header indicating that the
    response varies depending on Origin. This permitted client and server side
    cache poisoning in some circumstances.

applied/ubuntu/artful-proposed 2017-10-13 12:08:39 UTC 2017-10-13
Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed

Author: Robie Basak
Author Date: 2017-10-13 11:06:51 UTC

Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f0b00255f61060fc896d34114b94eb2764535856
Unapplied parent: 2d47a0810ea5b8ffc09a8430f121402ed28bd8b5

New changelog entries:
  * Demote libtcnative-1 from Recommends to Suggests as it is in
    universe.

ubuntu/artful-proposed 2017-10-13 12:08:39 UTC 2017-10-13
Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed

Author: Robie Basak
Author Date: 2017-10-13 11:06:51 UTC

Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 0043fa8fb52ee4ad9afb9be91cd75d3617fe5f3e

New changelog entries:
  * Demote libtcnative-1 from Recommends to Suggests as it is in
    universe.

applied/ubuntu/artful 2017-10-13 12:08:39 UTC 2017-10-13
Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed

Author: Robie Basak
Author Date: 2017-10-13 11:06:51 UTC

Import patches-applied version 8.5.21-1ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f0b00255f61060fc896d34114b94eb2764535856
Unapplied parent: 2d47a0810ea5b8ffc09a8430f121402ed28bd8b5

New changelog entries:
  * Demote libtcnative-1 from Recommends to Suggests as it is in
    universe.

ubuntu/artful 2017-10-13 12:08:39 UTC 2017-10-13
Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed

Author: Robie Basak
Author Date: 2017-10-13 11:06:51 UTC

Import patches-unapplied version 8.5.21-1ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 0043fa8fb52ee4ad9afb9be91cd75d3617fe5f3e

New changelog entries:
  * Demote libtcnative-1 from Recommends to Suggests as it is in
    universe.

applied/ubuntu/yakkety-proposed 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr...

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4
Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

applied/ubuntu/yakkety-devel 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr...

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4
Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

applied/ubuntu/yakkety-updates 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-pr...

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-applied version 8.0.37-1ubuntu0.2 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: d4e3e8dfdb8b82224a823889e8f1a86cb536aaa4
Unapplied parent: 468219e03a003bf5ef1c56c0cc02c9b93c19c88d

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/yakkety-devel 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/yakkety-proposed 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/yakkety-updates 2017-05-11 22:18:15 UTC 2017-05-11
Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:46:16 UTC

Import patches-unapplied version 8.0.37-1ubuntu0.2 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a9c810e15482f92a34e00df0072b7998f1e9f0de

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/zesty 2017-04-11 01:23:16 UTC 2017-04-11
Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:47:32 UTC

Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 8fcde4802291510660959842797a577db834e965

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

applied/ubuntu/zesty 2017-04-11 01:23:16 UTC 2017-04-11
Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:47:32 UTC

Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 94b822743270fec9e1da46dcb3a1a7a92ea08dc8
Unapplied parent: c3066e65134d587314d36bebf16898bbca0bd449

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/zesty-proposed 2017-04-11 01:23:16 UTC 2017-04-11
Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:47:32 UTC

Import patches-unapplied version 8.0.38-2ubuntu2 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 8fcde4802291510660959842797a577db834e965

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

applied/ubuntu/zesty-proposed 2017-04-11 01:23:16 UTC 2017-04-11
Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed

Author: Joshua Powers
Author Date: 2017-03-28 23:47:32 UTC

Import patches-applied version 8.0.38-2ubuntu2 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 94b822743270fec9e1da46dcb3a1a7a92ea08dc8
Unapplied parent: c3066e65134d587314d36bebf16898bbca0bd449

New changelog entries:
  * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8
    contains the '%' character (LP: #1666570).

ubuntu/yakkety-security 2017-01-23 18:13:30 UTC 2017-01-23
Import patches-unapplied version 8.0.37-1ubuntu0.1 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-01-13 15:48:08 UTC

Import patches-unapplied version 8.0.37-1ubuntu0.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: f250774836a3e9a7ba945f4c2cdabb1cf1950309

New changelog entries:
  * SECURITY UPDATE: HTTP response injection via invalid characters
    - debian/patches/CVE-2016-6816.patch: add additional checks for valid
      characters in java/org/apache/coyote/http11/AbstractInputBuffer.java,
      java/org/apache/coyote/http11/AbstractNioInputBuffer.java,
      java/org/apache/coyote/http11/InternalAprInputBuffer.java,
      java/org/apache/coyote/http11/InternalInputBuffer.java,
      java/org/apache/coyote/http11/LocalStrings.properties,
      java/org/apache/tomcat/util/http/parser/HttpParser.java.
    - CVE-2016-6816
  * SECURITY UPDATE: remote code execution via JmxRemoteLifecycleListener
    - debian/patches/CVE-2016-8735.patch: explicitly configure allowed
      credential types in
      java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java.
    - CVE-2016-8735
  * SECURITY UPDATE: information leakage between requests
    - debian/patches/CVE-2016-8745.patch: properly handle cache when unable
      to complete sendfile request in
      java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2016-8745
  * SECURITY UPDATE: privilege escalation during package upgrade
    - debian/rules, debian/tomcat8.postinst: properly set permissions on
      /etc/tomcat8/Catalina/localhost.
    - CVE-2016-9774
  * SECURITY UPDATE: privilege escalation during package removal
    - debian/tomcat8.postrm.in: don't reset permissions before removing
      user.
    - CVE-2016-9775
  * debian/tomcat8.init: further hardening.

applied/ubuntu/yakkety-security 2017-01-23 18:13:30 UTC 2017-01-23
Import patches-applied version 8.0.37-1ubuntu0.1 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-01-13 15:48:08 UTC

Import patches-applied version 8.0.37-1ubuntu0.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: adafa06c2d373b3edaf5d7f39b18a819855c1899
Unapplied parent: 9d9e980d9bf5abe73d5bd348eb507af2e2e88467

New changelog entries:
  * SECURITY UPDATE: HTTP response injection via invalid characters
    - debian/patches/CVE-2016-6816.patch: add additional checks for valid
      characters in java/org/apache/coyote/http11/AbstractInputBuffer.java,
      java/org/apache/coyote/http11/AbstractNioInputBuffer.java,
      java/org/apache/coyote/http11/InternalAprInputBuffer.java,
      java/org/apache/coyote/http11/InternalInputBuffer.java,
      java/org/apache/coyote/http11/LocalStrings.properties,
      java/org/apache/tomcat/util/http/parser/HttpParser.java.
    - CVE-2016-6816
  * SECURITY UPDATE: remote code execution via JmxRemoteLifecycleListener
    - debian/patches/CVE-2016-8735.patch: explicitly configure allowed
      credential types in
      java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java.
    - CVE-2016-8735
  * SECURITY UPDATE: information leakage between requests
    - debian/patches/CVE-2016-8745.patch: properly handle cache when unable
      to complete sendfile request in
      java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2016-8745
  * SECURITY UPDATE: privilege escalation during package upgrade
    - debian/rules, debian/tomcat8.postinst: properly set permissions on
      /etc/tomcat8/Catalina/localhost.
    - CVE-2016-9774
  * SECURITY UPDATE: privilege escalation during package removal
    - debian/tomcat8.postrm.in: don't reset permissions before removing
      user.
    - CVE-2016-9775
  * debian/tomcat8.init: further hardening.

ubuntu/yakkety 2016-09-19 22:28:06 UTC 2016-09-19
Import patches-unapplied version 8.0.37-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2016-09-19 07:37:33 UTC

Import patches-unapplied version 8.0.37-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 37f9d4084595f74b686aa400d6d76ef1e4c10d3f

New changelog entries:
  * Team upload.
  * New upstream release
  * Removed 0001-set-UTF-8-as-default-character-encoding.patch (fixed upstream)

applied/ubuntu/yakkety 2016-09-19 22:28:06 UTC 2016-09-19
Import patches-applied version 8.0.37-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2016-09-19 07:37:33 UTC

Import patches-applied version 8.0.37-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: a51097c2c683da12a1ffc5674a5ca80903b7ae3a
Unapplied parent: b26a373625d1c196dd88b8df19cfb0780ed7845d

New changelog entries:
  * Team upload.
  * New upstream release
  * Removed 0001-set-UTF-8-as-default-character-encoding.patch (fixed upstream)

ubuntu/xenial 2016-02-19 08:19:05 UTC 2016-02-19
Import patches-unapplied version 8.0.32-1ubuntu1 to ubuntu/xenial-proposed

Author: Nish Aravamudan
Author Date: 2016-02-05 08:20:39 UTC

Import patches-unapplied version 8.0.32-1ubuntu1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: bc20583702224592a930e782e88b0882f6d88c5f

New changelog entries:
  * Prepare to promote tomcat8 to main (LP: #1539903).
    - debian/control, 0021-ubuntu-mainize-build-xml.patch: Remove
      build-dependencies on libobjenesis-java and libeasymock-java, and skip
      tests that rely on the functionality they provide.

applied/ubuntu/xenial 2016-02-19 08:19:05 UTC 2016-02-19
Import patches-applied version 8.0.32-1ubuntu1 to applied/ubuntu/xenial-proposed

Author: Nish Aravamudan
Author Date: 2016-02-05 08:20:39 UTC

Import patches-applied version 8.0.32-1ubuntu1 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 73754489910c3f366987c5f96e446dd1b3e0069b
Unapplied parent: 00579dc1bbd12094720bcf702bcd46cba0ecb519

New changelog entries:
  * Prepare to promote tomcat8 to main (LP: #1539903).
    - debian/control, 0021-ubuntu-mainize-build-xml.patch: Remove
      build-dependencies on libobjenesis-java and libeasymock-java, and skip
      tests that rely on the functionality they provide.

applied/ubuntu/vivid-devel 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160
Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff

New changelog entries:
  * fake sync from Debian

applied/ubuntu/vivid-updates 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160
Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff

New changelog entries:
  * fake sync from Debian

ubuntu/vivid-devel 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece

New changelog entries:
  * fake sync from Debian

ubuntu/vivid-updates 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece

New changelog entries:
  * fake sync from Debian

ubuntu/vivid-security 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivi...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-unapplied version 8.0.14-1+deb8u1build0.15.04.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: a17d5399a1220bca1c28c711e582024bb79e8ece

New changelog entries:
  * fake sync from Debian

applied/ubuntu/vivid-security 2016-01-04 20:59:06 UTC 2016-01-04
Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubunt...

Author: Tyler Hicks
Author Date: 2016-01-04 17:18:56 UTC

Import patches-applied version 8.0.14-1+deb8u1build0.15.04.1 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 46adaaf5f2bba949b1927fad662ffad5ff3ce160
Unapplied parent: 7a61a894b423f1ca4865dee4f4ee2ade0b475eff

New changelog entries:
  * fake sync from Debian

ubuntu/wily-devel 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-unapplied version 8.0.26-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-unapplied version 8.0.26-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

applied/ubuntu/wily-proposed 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-applied version 8.0.26-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-applied version 8.0.26-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8
Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

applied/ubuntu/wily 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-applied version 8.0.26-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-applied version 8.0.26-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8
Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

ubuntu/wily 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-unapplied version 8.0.26-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-unapplied version 8.0.26-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

applied/ubuntu/wily-devel 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-applied version 8.0.26-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-applied version 8.0.26-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 056408e04fc5ad5c0c304f450b85aa2b2b93c5f8
Unapplied parent: 4ce542994dc1ec9d63ecbcbed0b4f6462227a9f5

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

ubuntu/wily-proposed 2015-08-25 04:18:05 UTC 2015-08-25
Import patches-unapplied version 8.0.26-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2015-08-23 22:30:40 UTC

Import patches-unapplied version 8.0.26-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9f73ca1aa93c7c8e37f985bebb22ddf4806999cb

New changelog entries:
  * Team upload.
  * New upstream release
    - Refreshed the patches
  * Changed the authbind configuration to allow IPv6 connections (LP: #1443041)
  * Fixed an upgrade error when /etc/tomcat8/tomcat-users.xml is removed
    (LP: #1010791)
  * Fixed a minor HTML error in the default index.html file (LP: #1236132)

applied/ubuntu/vivid 2014-09-29 16:29:32 UTC 2014-09-29
Import patches-applied version 8.0.14-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2014-09-29 11:23:43 UTC

Import patches-applied version 8.0.14-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: c73f8148e450648f03ff6659b2e937169ad525c4
Unapplied parent: 19db1857b25ff32994e9f3718eae2c4e4cdc70a6

New changelog entries:
  * New upstream release
    - Refreshed the patches
  * Build depend on libcglib3-java instead of libcglib-java
  * Standards-Version updated to 3.9.6 (no changes)

ubuntu/vivid 2014-09-29 16:29:32 UTC 2014-09-29
Import patches-unapplied version 8.0.14-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2014-09-29 11:23:43 UTC

Import patches-unapplied version 8.0.14-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2fab781499f33207ae62a7c84933b276b6858206

New changelog entries:
  * New upstream release
    - Refreshed the patches
  * Build depend on libcglib3-java instead of libcglib-java
  * Standards-Version updated to 3.9.6 (no changes)

ubuntu/vivid-proposed 2014-09-29 16:29:32 UTC 2014-09-29
Import patches-unapplied version 8.0.14-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2014-09-29 11:23:43 UTC

Import patches-unapplied version 8.0.14-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2fab781499f33207ae62a7c84933b276b6858206

New changelog entries:
  * New upstream release
    - Refreshed the patches
  * Build depend on libcglib3-java instead of libcglib-java
  * Standards-Version updated to 3.9.6 (no changes)

applied/ubuntu/vivid-proposed 2014-09-29 16:29:32 UTC 2014-09-29
Import patches-applied version 8.0.14-1 to applied/debian/sid

Author: Emmanuel Bourg
Author Date: 2014-09-29 11:23:43 UTC

Import patches-applied version 8.0.14-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: c73f8148e450648f03ff6659b2e937169ad525c4
Unapplied parent: 19db1857b25ff32994e9f3718eae2c4e4cdc70a6

New changelog entries:
  * New upstream release
    - Refreshed the patches
  * Build depend on libcglib3-java instead of libcglib-java
  * Standards-Version updated to 3.9.6 (no changes)

ubuntu/utopic-proposed 2014-06-25 04:24:57 UTC 2014-06-25
Import patches-unapplied version 8.0.9-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2014-06-24 19:28:37 UTC

Import patches-unapplied version 8.0.9-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8b6dc216e873a5612c72aed9908dd8a818f7d496

New changelog entries:
  [ Emmanuel Bourg ]
  * New upstream release
    - Refreshed the patches
  * Search for OpenJDK 8 and Oracle JDKs when starting the server
  * Removed the dependency on the non existent java-7-runtime package
  * Fixed a link still pointing to the Tomcat 7 documentation in README.Debian
  * Updated the version required for libtcnative-1 (>= 1.1.30)
  [ tony mancill ]
  * Update README.Debian with information about migration guides.

ubuntu/utopic-devel 2014-06-25 04:24:57 UTC 2014-06-25
Import patches-unapplied version 8.0.9-1 to debian/sid

Author: Emmanuel Bourg
Author Date: 2014-06-24 19:28:37 UTC

Import patches-unapplied version 8.0.9-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8b6dc216e873a5612c72aed9908dd8a818f7d496

New changelog entries:
  [ Emmanuel Bourg ]
  * New upstream release
    - Refreshed the patches
  * Search for OpenJDK 8 and Oracle JDKs when starting the server
  * Removed the dependency on the non existent java-7-runtime package
  * Fixed a link still pointing to the Tomcat 7 documentation in README.Debian
  * Updated the version required for libtcnative-1 (>= 1.1.30)
  [ tony mancill ]
  * Update README.Debian with information about migration guides.

1100 of 104 results

Other repositories

Name Last Modified
lp:ubuntu/+source/tomcat8 2020-05-26
lp:~kstenerud/ubuntu/+source/tomcat8 2019-02-12
lp:~powersj/ubuntu/+source/tomcat8 2017-03-28
13 of 3 results
You can't create new repositories for tomcat8 in Ubuntu.