[Bug 298043] [NEW] Please merge tomcat5.5 5.5.26-5 (universe) from Debian unstable (main)

Thierry Carrez thierry.carrez at ubuntu.com
Fri Nov 14 12:51:07 UTC 2008 

Public bug reported:

Binary package hint: tomcat5.5

Ubuntu changes:
  * Set java source and target version to 1.5 (LP: #264808)
  * Don't fail install if Tomcat cannot be started (LP: #274365, LP: #212536)
  * Fix tomcat5.5 Java environment to match status of Java in intrepid:
    - control: Moved Java runtime deps to libtomcat5.5-java
    - control: Depends on default-jre-headless | java2-runtime-headless
    - tomcat5.5.init: Fix JVM list to match java2-runtime-headless
    - rules, control: Builds with default-jdk, libecj-java build-dep added
    - Fixes LP: #212521, LP: #179447
  * tomcat5.5.postinst: Removed superfluous /etc/tomcat5.5/tomcat5.5 linking
  * rules, tomcat5.5.init: implement TearDown spec
  * tomcat5.5.install: don't install catalina.policy (LP: #112626)
  * Fix CVE-2008-1232 cross-site scripting vulnerability (LP: #256926)
  * Fix CVE-2008-2370 information disclosure vulnerability (LP: #256922)
  * Fix CVE-2008-2938 directory traversal (LP: #256802)

Debian changes:
  * Merge changes from Ubuntu:
    - Use default-jre-headless, default-jdk as preferred alternatives.
    - tomcat5.5.init: Fix JDK list to match default-jre, java-6-openjdk
      and java-6-cacao. Closes: #495235.
    - tomcat5.5.postinst: Removed superfluous /etc/tomcat5.5/tomcat5.5 linking.
      Closes: #498487.
  * debian/copyright: Reference Apache 2.0 license in /usr/share/common/license
  * Security issues fixed.
    - CVE-2008-1232: Cross-site scripting
    - CVE-2008-2370: Information disclosure
    - CVE-2008-2938: Directory traversal. Closes: #496309.

** Affects: tomcat5.5 (Ubuntu)
     Importance: Wishlist
     Assignee: Thierry Carrez (tcarrez)
         Status: In Progress

** Changed in: tomcat5.5 (Ubuntu)
   Importance: Undecided => Wishlist
     Assignee: (unassigned) => Thierry Carrez (tcarrez)
       Status: New => In Progress

-- 
Please merge tomcat5.5 5.5.26-5 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/298043
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

More information about the universe-bugs mailing list