Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise/tomcat6 bug 2 Mature 2012-04-11 10:29:11 UTC
45. * Handle creation of user instances w...

Author: James Page
Revision Date: 2012-04-11 10:29:11 UTC

* Handle creation of user instances with pathnames containing spaces
  (LP: #977498):
  - d/tomcat6-instance-create: Quote access to files and directories
    so that spaces can be used when creating user instances.

lp:ubuntu/precise-security/tomcat6 bug 2 Mature 2015-06-25 12:25:26 UTC
51. * SECURITY UPDATE: HTTP request smugg...

Author: Marc Deslauriers
Revision Date: 2015-06-22 08:16:23 UTC

* SECURITY UPDATE: HTTP request smuggling or denial of service via
  streaming with malformed chunked transfer encoding (LP: #1449975)
  - debian/patches/CVE-2014-0227.patch: add error flag and improve i18n
    in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    java/org/apache/coyote/http11/filters/LocalStrings.properties.
  - CVE-2014-0227
* SECURITY UPDATE: denial of service via aborted upload attempts
  (LP: #1449975)
  - debian/patches/CVE-2014-0230.patch: limit amount of data in
    java/org/apache/coyote/Constants.java,
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    java/org/apache/coyote/http11/filters/IdentityInputFilter.java,
    java/org/apache/coyote/http11/filters/LocalStrings.properties,
    webapps/docs/config/systemprops.xml.
  - CVE-2014-0230
* SECURITY UPDATE: SecurityManager bypass via Expression Language
  - debian/patches/CVE-2014-7810.patch: handle classes that may not be
    accessible but have accessible interfaces in
    java/javax/el/BeanELResolver.java, remove unnecessary code in
    java/org/apache/jasper/runtime/PageContextImpl.java,
    java/org/apache/jasper/security/SecurityClassLoad.java.
  - CVE-2014-7810

lp:ubuntu/precise-updates/tomcat6 2 Mature 2015-06-22 08:16:23 UTC
51. * SECURITY UPDATE: HTTP request smugg...

Author: Marc Deslauriers
Revision Date: 2015-06-22 08:16:23 UTC

* SECURITY UPDATE: HTTP request smuggling or denial of service via
  streaming with malformed chunked transfer encoding (LP: #1449975)
  - debian/patches/CVE-2014-0227.patch: add error flag and improve i18n
    in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    java/org/apache/coyote/http11/filters/LocalStrings.properties.
  - CVE-2014-0227
* SECURITY UPDATE: denial of service via aborted upload attempts
  (LP: #1449975)
  - debian/patches/CVE-2014-0230.patch: limit amount of data in
    java/org/apache/coyote/Constants.java,
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    java/org/apache/coyote/http11/filters/IdentityInputFilter.java,
    java/org/apache/coyote/http11/filters/LocalStrings.properties,
    webapps/docs/config/systemprops.xml.
  - CVE-2014-0230
* SECURITY UPDATE: SecurityManager bypass via Expression Language
  - debian/patches/CVE-2014-7810.patch: handle classes that may not be
    accessible but have accessible interfaces in
    java/javax/el/BeanELResolver.java, remove unnecessary code in
    java/org/apache/jasper/runtime/PageContextImpl.java,
    java/org/apache/jasper/security/SecurityClassLoad.java.
  - CVE-2014-7810
