[Bug 1115053] Re: Parameter Handling Denial of Service in Oneiric

[Marc Deslauriers]

tomcat7 in oneiric is vulnerable to the following CVEs:

CVE-2011-3375
CVE-2011-3376
CVE-2011-4858
CVE-2012-0022
CVE-2012-2733
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CVE-2012-5568
CVE-2012-5885
CVE-2012-5886
CVE-2012-5887

See the CVE tracker for more information:
http://people.canonical.com/~ubuntu-security/cve/pkg/tomcat7.html

Do you think you could prepare a debdiff that fixes all those issues,
instead of just the single one?

Thanks!

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3375

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-3376

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-4858

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2733

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3546

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4431

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4534

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5568

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5885

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5886

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5887

** Changed in: tomcat7 (Ubuntu)
       Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053

Title:
  Parameter Handling Denial of Service in Oneiric

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1115053/+subscriptions