Branches for Karmic

Name Status Last Modified Last Commit
lp:ubuntu/karmic/tomcat6 2 Mature 2009-12-05 14:52:25 UTC
13. * Add maven POM's for libservlet2.5-j...

Author: Matthias Klose
Revision Date: 2009-10-25 17:00:31 UTC

* Add maven POM's for libservlet2.5-java. LP: #454822.
* debian/policy/02debian.policy: grant access to
  /usr/share/maven-repo/ as it is a valid source of Debian JARs.

lp:ubuntu/karmic-security/tomcat6 bug 2 Mature 2011-03-29 17:20:43 UTC
17. * SECURITY UPDATE: directory traversa...

Author: Marc Deslauriers
Revision Date: 2011-03-24 13:58:06 UTC

* SECURITY UPDATE: directory traversal via incorrect ServetContext
  attribute (LP: #717396)
  - debian/patches/0012-CVE-2010-3718.patch: mark as read only in
    java/org/apache/catalina/core/StandardContext.java.
  - CVE-2010-3718
* SECURITY UPDATE: cross-site scripting in HTML Manager interface
  - debian/patches/0013-CVE-2011-0013.patch: properly filter values in
    java/org/apache/catalina/manager/{HTMLManagerServlet.java,
    StatusTransformer.java}.
  - CVE-2011-0013
* SECURITY UPDATE: denial of service via NIOS HTTP connector
  (LP: #714239, LP: #717396)
  - debian/patches/0014-CVE-2011-0534.patch: enforce proper size in
    java/org/apache/coyote/http11/InternalNioInputBuffer.java.
  - CVE-2011-0534

lp:ubuntu/karmic-updates/tomcat6 2 Mature 2011-03-24 13:58:06 UTC
17. * SECURITY UPDATE: directory traversa...

Author: Marc Deslauriers
Revision Date: 2011-03-24 13:58:06 UTC

* SECURITY UPDATE: directory traversal via incorrect ServetContext
  attribute (LP: #717396)
  - debian/patches/0012-CVE-2010-3718.patch: mark as read only in
    java/org/apache/catalina/core/StandardContext.java.
  - CVE-2010-3718
* SECURITY UPDATE: cross-site scripting in HTML Manager interface
  - debian/patches/0013-CVE-2011-0013.patch: properly filter values in
    java/org/apache/catalina/manager/{HTMLManagerServlet.java,
    StatusTransformer.java}.
  - CVE-2011-0013
* SECURITY UPDATE: denial of service via NIOS HTTP connector
  (LP: #714239, LP: #717396)
  - debian/patches/0014-CVE-2011-0534.patch: enforce proper size in
    java/org/apache/coyote/http11/InternalNioInputBuffer.java.
  - CVE-2011-0534

13 of 3 results