lp:ubuntu/precise-updates/tomcat7

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

13. By Christian Kuersteiner on 2013-03-19

[Christian Kuersteiner]
* SECURITY UPDATE: Fix multiple vulnerabilities in Tomcat7
  (LP: #1115053)
  - debian/patches/0013-CVE-2012-2733.patch: Fix for Apache Tomcat Denial of
    Service. Based on upstream patch.
  - CVE-2012-2733
  - debian/patches/0014-CVE-2012-3546.patch: Fix for bypass of security
    constraints. Based on upstream patch.
  - CVE-2012-3546
  - debian/patches/0015-CVE-2012-4431.patch: Fix for bypass of CSRF prevention
    filter. Based on upstream patch.
  - CVE-2012-4431
  - debian/patches/0016-CVE-2012-4534.patch: Fix for CVE-2012-4534 Denial of
    Service Vulnerability. Based on upstream patch.
  - CVE-2012-4534
  - debian/patches/CVE-2012-3439.patch: Fix for DIGEST authentication
    weaknesses. Based on upstream patch.
  - CVE-2012-3439, CVE-2012-5885, CVE-2012-5886, 2012-5887

[ Jamie Strandboge ]
* allow for easily running the testsuite:
  - debian/control: add testsuite build-depends
  - debian/rules:
    + add 'testsuite' target
    + add ANT_TS_ARGS for use in the testsuite target
    + cleanup the testsuite
  - add debian/README.source for information on how to use the testsuite

12. By James Page on 2012-04-11

* Handle creation of user instances with pathnames containing spaces
  (LP: #977498):
  - d/tomcat7-instance-create: Quote access to files and directories
    so that spaces can be used when creating user instances.

11. By Tony Mancill on 2012-03-01

[ Jakub Adam ]
* New upstream release.
* Add Jakub Adam to Uploaders.
* Bump Standards-Version to 3.9.3.
* Don't Depend libservlet3.0-java-doc on package it documents, relax
  to Suggests.

[ tony mancill ]
* Add Polish debconf translation. (Closes: #661644)
  - Thanks to Michał Kułach.

10. By Tony Mancill on 2012-02-26

* Add nl.po debconf translation (Closes: #651162)
  - Thanks to Jeroen Schot
* Add java6-runtime-headless | java6-runtime to tomcat7-common Depends
  (Closes: #660757)
* Remove java-5-runtime from tomcat7-common Depends; tomcat7 requires
  Java 1.6 according to http://tomcat.apache.org/whichversion.html.
  Also remove Java 1.5 paths from JDK path search in init script.
* Update init script to locate multiarch OpenJDKs (Closes: #651487)
* Apply patch to report build versions as a.b.c.d (Closes: #651492)
  - Thanks to Jorge Barreiro González
* Bump Standards-Version to 3.9.3.

9. By Miguel Landaeta on 2011-11-27

* New upstream release.
* Refresh patches.

8. By Tony Mancill on 2011-10-08

[ Miguel Landaeta ]
* New upstream release.
* Fix lintian warning about format specification of copyright file.

[ tony mancill ]
* Add dependency on JRE to tomcat7-common (Closes: #644340)
* Modify init script to look for JVM in /usr/lib/jvm/default-java

7. By James Page on 2011-09-07

* New upstream release.
  - Includes fix for CVE-2011-3190.
* Updated my email address.

6. By Tony Mancill on 2011-07-25

* Team upload.
* New upstream release.
  - Includes fix for CVE-2011-2526 (Closes: #634992)
* Remove patch for CVE-2011-2204 (included upstream).

5. By Tony Mancill on 2011-07-06

* Team upload.
* Correct Suggests: for libtcnative-1 (tomcat-native)
* Add patch for CVE-2011-2204 (Closes: #632882)

4. By Tony Mancill on 2011-06-26

Restore tomcat-juli.jar link in /usr/share/tomcat7/bin.
Thank you to Kristof Csillag for the bug report. (Closes: #631667)