[tomcat8] 01/01: Upload to jessie-security

Emmanuel Bourg ebourg-guest at moszumanska.debian.org
Sat Dec 17 13:49:44 UTC 2016 

This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a commit to branch jessie
in repository tomcat8.

commit 1d57d1655a516412024bf552a88ffac602d62681
Author: Emmanuel Bourg <ebourg at apache.org>
Date:   Sat Dec 17 09:19:45 2016 +0100

    Upload to jessie-security
---
 debian/changelog | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index f51469c..a7b38c2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
-tomcat8 (8.0.14-1+deb8u5) UNRELEASED; urgency=medium
+tomcat8 (8.0.14-1+deb8u5) jessie-security; urgency=high
 
+  * Fixed CVE-2016-9774: Potential privilege escalation when the tomcat8
+    package is upgraded. Thanks to Paul Szabo for the report (Closes: #845393)
+  * Fixed CVE-2016-9775: Potential privilege escalation when the tomcat8
+    package is purged. Thanks to Paul Szabo for the report (Closes: #845385)
   * Fixed CVE-2016-6816: The code that parsed the HTTP request line permitted
     invalid characters. This could be exploited, in conjunction with a proxy
     that also permitted the invalid characters but with a different
@@ -30,13 +34,9 @@ tomcat8 (8.0.14-1+deb8u5) UNRELEASED; urgency=medium
   * Added asm-all.jar to the test classpath to fix TestWebappServiceLoader
   * Fixed a test failure in the new TestNamingContext test added with the fix
     for CVE-2016-6797
-  * Fixed a potential privilege escalation when the tomcat8 package is upgraded.
-    Thanks to Paul Szabo for the report (Closes: #845393)
-  * Fixed a potential privilege escalation when the tomcat8 package is purged.
-    Thanks to Paul Szabo for the report (Closes: #845385)
   * Test failures are no longer ignored and now stop the build
 
- -- Emmanuel Bourg <ebourg at apache.org>  Tue, 22 Nov 2016 23:21:56 +0100
+ -- Emmanuel Bourg <ebourg at apache.org>  Sat, 17 Dec 2016 09:19:36 +0100
 
 tomcat8 (8.0.14-1+deb8u4) jessie-security; urgency=medium
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git

More information about the pkg-java-commits mailing list