[tomcat8] annotated tag debian/8.0.14-1+deb8u4 created (now d03a278)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Tue Nov 22 10:22:18 UTC 2016
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a change to annotated tag debian/8.0.14-1+deb8u4
in repository tomcat8.
at d03a278 (tag)
tagging 2978fb69aefbe4e413b46e8c2d2311c77be43588 (commit)
replaces debian/8.0.14-1+deb8u3
tagged by Emmanuel Bourg
on Tue Nov 22 11:22:04 2016 +0100
- Log -----------------------------------------------------------------
tomcat8 Debian release 8.0.14-1+deb8u4
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJYNBxMAAoJEPUTxBnkudCsNPgQAJcAqMDApFilGF8nWrF0jP+o
wpqQk/x0rtjeAkB4t/Z+TtV4RsyFuAD6RbEHq5B651g6IrEx98ZgpOGtyE2dS9mn
K9gUi/HICX0BxbIzhzkCLBq4l93OhS5iQB+e9soE6ecQME6sjLpWLI2yS/yWaan6
ayPl7Wa0Z7h2E+UiQ11lSskm121JRBCwdxNWf+GbHxphLCwkD1SzASowr1QxZOZG
vhIx+lZcZ25LJzZ6EgGBB+fx1iYq7ebta23A0Bf0+pEqUzz9mBt21M/iIxyR8gJX
FeYMEHwhymlr1toVjt4CLW1PNBlUAolrtzTLXjCrP6I++RSEF1xoX1zAZ/M0E7r5
u+j1uRw+8DNKbj+GdBsIeuHd5xO/OhzT5hvDUnNXO918FLtpwXPCyM2gyTxSR/Kw
WDTWQBmc+GafRqWVuwliIyQBhaBtmVPUnqrpYqImaGJXEii9KAqPRceM5ikgKabv
+3K9Foj1ka2wb5mCDeDIygD4I+zj2oYtZB4eOI9kbE0JZ1/hVLZVZwHlus7aR8e7
hXYSmQpaqHN/yDwOFp1F3ALVyOxLWKKYH9rATbLn9paVcty8SntByR7bwCm6rcy6
Y8NKpuskEeR6iudliA78Yrm2BkpbUVvLLcJd/8feTeoWQKkz6BxBDVUa5x6B0E7M
/jJv5XQjUKI2rCRWBCCk
=oD9k
-----END PGP SIGNATURE-----
Emmanuel Bourg (9):
Fixed a race condition in tomcat8.init that could be exploited to chown/chmod any file, thanks to Paul Szabo
Moved the generated catalina.policy file to /var/lib/tomcat8/policy
Hardened the init.d script, thanks to Paul Szabo (Closes: #840685)
Fixed CVE-2016-6794: System Property Disclosure
Fixed CVE-2016-5018: Security Manager Bypass
Fixed CVE-2016-6797: Unrestricted Access to Global Resources
Fixed CVE-2016-6796: Security Manager Bypass
Fixed CVE-2016-0762: Timing Attack
Upload to jessie-security
-----------------------------------------------------------------------
No new revisions were added by this update.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat8.git
More information about the pkg-java-commits
mailing list