[tomcat8] annotated tag debian/8.0.14-1+deb8u5 created (now 810f4bd)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Mon Dec 19 14:39:12 UTC 2016
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag debian/8.0.14-1+deb8u5
in repository tomcat8.
at 810f4bd (tag)
tagging 1d57d1655a516412024bf552a88ffac602d62681 (commit)
replaces debian/8.0.14-1+deb8u4
tagged by Emmanuel Bourg
on Mon Dec 19 15:39:07 2016 +0100
- Log -----------------------------------------------------------------
tomcat8 Debian release 8.0.14-1+deb8u5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJYV/ELAAoJEPUTxBnkudCsfRkP/3K28WwD+qNY/dZ215CU5+aw
braIQ1bPfbJglihn9PneAxTtK4Evn9l3xLpMuGUeCXa8cqVEgzhX440RH4bX7xyA
u0om/R3+0QGw+EVfSWY03IdjjMAfSewbTZ/WhyyqUXBrqtrvZsROaMSc4xp7lPql
OyhAesdMz1jCx8dhX5n51S2Qym38wNEaN1/uiVu826FzDBOV9ZX2pfFGkY5gEIp2
HebNT7ttZ4jeIShMMjbNQgTzEn6l/0TkeAJZQwg6kI4I9y4ZGD09diavpdm+08rg
L0h2CTlBWyCaocS4WIAHD7O9elg9BUT71erGxd1W47SeUPxf+ZpF6+XmopZGBN2l
YNP9XsjS/74nAlH0KNIBYbvpAdQAR6isahV8iFgkaJ46eCqis/A6zqUq0rM72bIs
jGIwlRbrtmE8UlUTeuOXSLPXCet4KVdCjgwYHda9oWvQGvcWKjEx8YMwAjGDlkua
FrEwhSVSTcz58SHLYnoZlDi5VWO+sneVx59IHzq2c3anL/TaYXbo4dv8FfCO6H41
5WSK7bcIM9s0U3gHE4VACoYevuVqk+L8J5xlvRx0nLfKLDTivdOciaIAGNJ3/Awl
9hfak3faVhvNEkpPX5TpMqa8umcX3N+vygMgApJdagBFC4jGGJRFMNNRFW3/da97
fGP6X0g214VgnjPAl9Rv
=J8B7
-----END PGP SIGNATURE-----
Emmanuel Bourg (16):
Fixed CVE-2016-6816: Information Disclosure
Fixed BZ 57377: Enable SSL to be configured for the JMX/RMI registry as well as the server
Fixed CVE-2016-8735: Remote Code Execution
Fixed the test failure in Test*NonLoginAndBasicAuthenticator caused by recent JREs
Refreshed the expired SSL certificates used by the tests
Backported a fix disabling the broken SSLv3 tests
Set the locale when running the tests to prevent locale sensitive tests from failing
Added asm-all.jar to the test classpath to fix TestWebappServiceLoader
Fixed the test failure in TestNamingContext
Test failures are no longer ignored and now stop the build
Fixed a privilege escalation when the package is upgraded (Closes: #845393)
Fixed a privilege escalation when the package is purged (Closes: #845385)
CVE-2016-5018 follow-up: Fixed the ClassNotFoundException when the security manager is enabled (see #846298)
CVE-2016-6797 follow-up: Fixed a regression preventing some applications from accessing the global resources (see #845425)
CVE-2015-5345 follow-up: Applied a missing modification to DefaultServlet
Upload to jessie-security
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git
More information about the pkg-java-commits
mailing list