Ubuntu
tomcat6 package

Branches for Intrepid

Name		Status	Last Modified	Last Commit
lp:ubuntu/intrepid/tomcat6		2 Mature	2009-12-05 14:49:30 UTC 2009-12-05	6. * debian/tomcat6.postinst: - Make /... Author: Thierry Carrez Revision Date: 2008-10-23 18:19:15 UTC * debian/tomcat6.postinst: - Make /var/lib/tomcat6/temp writeable by the tomcat6 user (LP: #287126) - Make /var/lib/tomcat6/webapps writeable by tomcat6 group (LP: #287447) * debian/tomcat6.init: make status return nonzero if tomcat6 is not running (fixes LP: #288218)
lp:ubuntu/intrepid-proposed/tomcat6		2 Mature	2009-12-05 14:50:18 UTC 2009-12-05	7. * patches/use-commons-dbcp.patch: Cha... Author: Thierry Carrez Revision Date: 2008-12-05 09:58:55 UTC * patches/use-commons-dbcp.patch: Change default DBCP factory class to org.apache.commons.dbcp.BasicDataSourceFactory (LP: #283852) * tomcat6.dirs, tomcat6.postinst, default_root/index.html: Create Catalina/localhost in /etc/tomcat6 and make it writeable by the tomcat6 group, so that autodeploy and admin webapps work as expected (LP: #294277)
lp:ubuntu/intrepid-security/tomcat6		2 Mature	2010-02-11 09:22:51 UTC 2010-02-11	8. * SECURITY UPDATE: arbitrary file cre... Author: Marc Deslauriers Revision Date: 2010-02-11 09:22:51 UTC * SECURITY UPDATE: arbitrary file creation or overwrite from directory traversal via a .. entry in a WAR file. - CVE-2009-2693 * SECURITY UPDATE: authentication bypass via autodeployment process - CVE-2009-2901 * SECURITY UPDATE: work-directory file deletion via directory traversal sequences in a WAR filename. - CVE-2009-2902 - debian/patches/security_CVE-2009-2693_2901_2902.patch: validate file names and paths in java/org/apache/catalina/loader/ {LocalStrings.properties,WebappClassLoader.java}, java/org/apache/catalina/startup/{ContextConfig.java,ExpandWar.java, HostConfig.java,LocalStrings.properties}
lp:ubuntu/intrepid-updates/tomcat6		2 Mature	2010-02-11 09:22:51 UTC 2010-02-11	8. * SECURITY UPDATE: arbitrary file cre... Author: Marc Deslauriers Revision Date: 2010-02-11 09:22:51 UTC * SECURITY UPDATE: arbitrary file creation or overwrite from directory traversal via a .. entry in a WAR file. - CVE-2009-2693 * SECURITY UPDATE: authentication bypass via autodeployment process - CVE-2009-2901 * SECURITY UPDATE: work-directory file deletion via directory traversal sequences in a WAR filename. - CVE-2009-2902 - debian/patches/security_CVE-2009-2693_2901_2902.patch: validate file names and paths in java/org/apache/catalina/loader/ {LocalStrings.properties,WebappClassLoader.java}, java/org/apache/catalina/startup/{ContextConfig.java,ExpandWar.java, HostConfig.java,LocalStrings.properties}