Created by Ubuntu Package Importer on 2013-03-16 and last modified on 2013-03-16
Get this branch:
bzr branch lp:ubuntu/oneiric-security/tomcat7
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

8. By Christian Kuersteiner on 2013-03-15

[Christian Kuersteiner]
* SECURITY UPDATE: Fix multiple vulnerabilities in Tomcat7
  (LP: #1115053)
  - debian/patches/CVE-2012-0022.patch: Fix for Denial of service. Based on
    upstream patch.
  - CVE-2012-0022, CVE-2011-4858
  - debian/patches/CVE-2011-3375.patch: Fix for information disclosure. Based
    on upstream patch.
  - CVE-2011-3375
  - debian/patches/CVE-2011-3376.patch: Fix for privilege escalation. Based on
    upstream patch.
  - CVE-2011-3376
  - debian/patches/CVE-2012-2733.patch: Fix for Apache Tomcat Denial of
    Service. Based on upstream patch.
  - CVE-2012-2733
  - debian/patches/CVE-2012-3546.patch: Fix for bypass of security
    constraints. Based on upstream patch.
  - CVE-2012-3546
  - debian/patches/CVE-2012-4431.patch: Fix for bypass of CSRF prevention
    filter. Based on upstream patch.
  - CVE-2012-4431
  - debian/patches/CVE-2012-4534.patch: Fix for CVE-2012-4534 Denial of
    Service Vulnerability. Based on upstream patch.
  - CVE-2012-4534
  - debian/patches/CVE-2012-3439.patch: Fix for DIGEST authentication
    weaknesses. Based on upstream patch.
  - CVE-2012-3439, CVE-2012-5885, CVE-2012-5886, 2012-5887

[ Jamie Strandboge ]
* allow for easily running the testsuite:
  - debian/control: add testsuite build-depends
  - debian/rules:
    + add 'testsuite' target
    + add ANT_TS_ARGS for use in the testsuite target
    + cleanup the testsuite
  - add debian/README.source for information on how to use the testsuite

7. By James Page on 2011-09-07

* New upstream release.
  - Includes fix for CVE-2011-3190.
* Updated my email address.

6. By Tony Mancill on 2011-07-25

* Team upload.
* New upstream release.
  - Includes fix for CVE-2011-2526 (Closes: #634992)
* Remove patch for CVE-2011-2204 (included upstream).

5. By Tony Mancill on 2011-07-06

* Team upload.
* Correct Suggests: for libtcnative-1 (tomcat-native)
* Add patch for CVE-2011-2204 (Closes: #632882)

4. By Tony Mancill on 2011-06-26

Restore tomcat-juli.jar link in /usr/share/tomcat7/bin.
Thank you to Kristof Csillag for the bug report. (Closes: #631667)

3. By Tony Mancill on 2011-06-23

[ Miguel Landaeta ]
* New upstream release.
* Add missing deps and symlinks for commons-pool ands commons-dbcp jars.

[ tony mancill ]
* Add logrotate file for catalina.out.
* Add build-arch target to debian/rules.

2. By Tony Mancill on 2011-05-17

* Team upload.
* New upstream release.
  Thank you to Ernesto Hern├índez-Novich for providing the basis of
  this packaging.

1. By Tony Mancill on 2011-05-17

Import upstream version 7.0.14

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.