[tomcat8] 01/01: Fixed a privilege escalation when the package is purged (Closes: #845385)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Fri Dec 2 09:33:52 UTC 2016
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch jessie
in repository tomcat8.
commit 4f321e73a19688d2605bf284b448c22ae02ddee0
Author: Emmanuel Bourg <ebourg at apache.org>
Date: Fri Dec 2 10:27:10 2016 +0100
Fixed a privilege escalation when the package is purged (Closes: #845385)
---
debian/changelog | 4 +++-
debian/tomcat8.postrm.in | 3 ---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index e26eb9c..8c45cb1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -25,8 +25,10 @@ tomcat8 (8.0.14-1+deb8u5) UNRELEASED; urgency=medium
* Added asm-all.jar to the test classpath to fix TestWebappServiceLoader
* Fixed a test failure in the new TestNamingContext test added with the fix
for CVE-2016-6797
- * Fixed a privilege escalation when the package is upgraded.
+ * Fixed a potential privilege escalation when the tomcat8 package is upgraded.
Thanks to Paul Szabo for the report (Closes: #845393)
+ * Fixed a potential privilege escalation when the tomcat8 package is purged.
+ Thanks to Paul Szabo for the report (Closes: #845385)
* Test failures are no longer ignored and now stop the build
-- Emmanuel Bourg <ebourg at apache.org> Tue, 22 Nov 2016 23:21:56 +0100
diff --git a/debian/tomcat8.postrm.in b/debian/tomcat8.postrm.in
index d25ce11..d70d5e7 100644
--- a/debian/tomcat8.postrm.in
+++ b/debian/tomcat8.postrm.in
@@ -64,9 +64,6 @@ case "$1" in
/etc/tomcat8/Catalina/localhost /etc/tomcat8/Catalina /etc/tomcat8
# clean up /etc/authbind after conffiles have been removed
rmdir --ignore-fail-on-non-empty /etc/authbind/byuid /etc/authbind
- # Put all files owned by group tomcat8 back into root group before deleting
- # the tomcat8 user and group
- chown -Rhf root:root /etc/tomcat8/ || true
# Remove user/group and log files (don't remove everything under
# /var/lib/tomcat8 because there might be user-installed webapps)
db_get tomcat8/username && TOMCAT8_USER="$RET" || TOMCAT8_USER="tomcat8"
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git
More information about the pkg-java-commits
mailing list