[tomcat8] annotated tag debian/8.0.14-1+deb8u5 created (now 810f4bd)

Emmanuel Bourg ebourg-guest at moszumanska.debian.org
Mon Dec 19 14:39:12 UTC 2016 

This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a change to annotated tag debian/8.0.14-1+deb8u5
in repository tomcat8.

        at  810f4bd   (tag)
   tagging  1d57d1655a516412024bf552a88ffac602d62681 (commit)
  replaces  debian/8.0.14-1+deb8u4
 tagged by  Emmanuel Bourg
        on  Mon Dec 19 15:39:07 2016 +0100

- Log -----------------------------------------------------------------
tomcat8 Debian release 8.0.14-1+deb8u5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABAgAGBQJYV/ELAAoJEPUTxBnkudCsfRkP/3K28WwD+qNY/dZ215CU5+aw
braIQ1bPfbJglihn9PneAxTtK4Evn9l3xLpMuGUeCXa8cqVEgzhX440RH4bX7xyA
u0om/R3+0QGw+EVfSWY03IdjjMAfSewbTZ/WhyyqUXBrqtrvZsROaMSc4xp7lPql
OyhAesdMz1jCx8dhX5n51S2Qym38wNEaN1/uiVu826FzDBOV9ZX2pfFGkY5gEIp2
HebNT7ttZ4jeIShMMjbNQgTzEn6l/0TkeAJZQwg6kI4I9y4ZGD09diavpdm+08rg
L0h2CTlBWyCaocS4WIAHD7O9elg9BUT71erGxd1W47SeUPxf+ZpF6+XmopZGBN2l
YNP9XsjS/74nAlH0KNIBYbvpAdQAR6isahV8iFgkaJ46eCqis/A6zqUq0rM72bIs
jGIwlRbrtmE8UlUTeuOXSLPXCet4KVdCjgwYHda9oWvQGvcWKjEx8YMwAjGDlkua
FrEwhSVSTcz58SHLYnoZlDi5VWO+sneVx59IHzq2c3anL/TaYXbo4dv8FfCO6H41
5WSK7bcIM9s0U3gHE4VACoYevuVqk+L8J5xlvRx0nLfKLDTivdOciaIAGNJ3/Awl
9hfak3faVhvNEkpPX5TpMqa8umcX3N+vygMgApJdagBFC4jGGJRFMNNRFW3/da97
fGP6X0g214VgnjPAl9Rv
=J8B7
-----END PGP SIGNATURE-----

Emmanuel Bourg (16):
      Fixed CVE-2016-6816: Information Disclosure
      Fixed BZ 57377: Enable SSL to be configured for the JMX/RMI registry as well as the server
      Fixed CVE-2016-8735: Remote Code Execution
      Fixed the test failure in Test*NonLoginAndBasicAuthenticator caused by recent JREs
      Refreshed the expired SSL certificates used by the tests
      Backported a fix disabling the broken SSLv3 tests
      Set the locale when running the tests to prevent locale sensitive tests from failing
      Added asm-all.jar to the test classpath to fix TestWebappServiceLoader
      Fixed the test failure in TestNamingContext
      Test failures are no longer ignored and now stop the build
      Fixed a privilege escalation when the package is upgraded (Closes: #845393)
      Fixed a privilege escalation when the package is purged (Closes: #845385)
      CVE-2016-5018 follow-up: Fixed the ClassNotFoundException when the security manager is enabled (see #846298)
      CVE-2016-6797 follow-up: Fixed a regression preventing some applications from accessing the global resources (see #845425)
      CVE-2015-5345 follow-up: Applied a missing modification to DefaultServlet
      Upload to jessie-security

-----------------------------------------------------------------------

No new revisions were added by this update.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git

More information about the pkg-java-commits mailing list