[ubuntu/cosmic-proposed] tomcat8 8.5.30-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu May 31 12:03:13 UTC 2018
tomcat8 (8.5.30-1ubuntu3) cosmic; urgency=medium
* SECURITY UPDATE: CORS filter has insecure defaults
- debian/patches/CVE-2018-8014.patch: change defaults in
java/org/apache/catalina/filters/CorsFilter.java,
java/org/apache/catalina/filters/LocalStrings.properties,
test/org/apache/catalina/filters/TestCorsFilter.java,
test/org/apache/catalina/filters/TesterFilterConfigs.java.
- CVE-2018-8014
Date: Thu, 31 May 2018 07:14:54 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/tomcat8/8.5.30-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 31 May 2018 07:14:54 -0400
Source: tomcat8
Binary: tomcat8-common tomcat8 tomcat8-user libtomcat8-java libtomcat8-embed-java libservlet3.1-java libservlet3.1-java-doc tomcat8-admin tomcat8-examples tomcat8-docs
Architecture: source
Version: 8.5.30-1ubuntu3
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libservlet3.1-java - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API classes
libservlet3.1-java-doc - Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.0 Java API documenta
libtomcat8-embed-java - Apache Tomcat 8 - Servlet and JSP engine -- embed libraries
libtomcat8-java - Apache Tomcat 8 - Servlet and JSP engine -- core libraries
tomcat8 - Apache Tomcat 8 - Servlet and JSP engine
tomcat8-admin - Apache Tomcat 8 - Servlet and JSP engine -- admin web application
tomcat8-common - Apache Tomcat 8 - Servlet and JSP engine -- common files
tomcat8-docs - Apache Tomcat 8 - Servlet and JSP engine -- documentation
tomcat8-examples - Apache Tomcat 8 - Servlet and JSP engine -- example web applicati
tomcat8-user - Apache Tomcat 8 - Servlet and JSP engine -- tools to create user
Changes:
tomcat8 (8.5.30-1ubuntu3) cosmic; urgency=medium
.
* SECURITY UPDATE: CORS filter has insecure defaults
- debian/patches/CVE-2018-8014.patch: change defaults in
java/org/apache/catalina/filters/CorsFilter.java,
java/org/apache/catalina/filters/LocalStrings.properties,
test/org/apache/catalina/filters/TestCorsFilter.java,
test/org/apache/catalina/filters/TesterFilterConfigs.java.
- CVE-2018-8014
Checksums-Sha1:
6b028946f0184ed4a43e5d7bca2e9d87087950d5 2986 tomcat8_8.5.30-1ubuntu3.dsc
9e1402d8c5d2e62bb2836b50a759b2be3df27332 70964 tomcat8_8.5.30-1ubuntu3.debian.tar.xz
401541e5b6b7253726d78ea23ede5f16e3d31591 11896 tomcat8_8.5.30-1ubuntu3_source.buildinfo
Checksums-Sha256:
c6629676459d7316ab7e59f131bd99e21b0fa8d429119336afb0853468086e5d 2986 tomcat8_8.5.30-1ubuntu3.dsc
3b90954f9440026a0de0a5ace446e3943f3049f05d1926e888836d41ab20a1ab 70964 tomcat8_8.5.30-1ubuntu3.debian.tar.xz
eaeab4be6ada82efaadbb44805e87c5de4cab4c0330040d56bc9ac7f620bb04e 11896 tomcat8_8.5.30-1ubuntu3_source.buildinfo
Files:
caad53bb04fc37b708cea95d6f217935 2986 java optional tomcat8_8.5.30-1ubuntu3.dsc
6d336a0e1858367f4dc4366e1f790f17 70964 java optional tomcat8_8.5.30-1ubuntu3.debian.tar.xz
f6aa06f3de543614106b253df2bee885 11896 java optional tomcat8_8.5.30-1ubuntu3_source.buildinfo
Original-Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlsP4ggACgkQZWnYVadE
vpNJlQ/9FQWeomKtuL7OY5ioHHKIyQF1ASMIX2pLn+Th1xQ4q5LmlDF0QNxs86FY
x1LRYPhvAtBdOxPrFJBYymdsg9nElTijZHUTqHOLQog/+4Rf8t65+TU/gLHwiW0q
b28Z94C5IFnlLtG7Lxl0/5kVqAgOtJoTkVS5wl7SlH84LOkG4oFCYMn3Ix4eHYwJ
oM4lRqkLTtjpHAJaoTBBuUd2RQVC6eqEQLGhv9l9j6idKT3R1JLO0cnMTukXoN49
aj0mZceQ8FCPCkqJD2/7KzzkTyvjboyZClUx6fDJV4FKq608zEXsL3PJi7uXHfYY
8HTzm2UiswU721u/FxxDu4ePsALlyy4ITxzDTos5yTYTRIn1n8S3Tkv7jzi0+pnK
dU4hH+qlRD2OuGnJRduXOlYV9JbsGO+J/qRAwXSX6ojVy+BD0ZUwjM1rnulOZBd4
ZWHm0KlxFhBpcBsCtYto4QKzfCpB51MqQC3DOho1vGUJKQEOjwj04Pd2x/dMXUMg
kBwiR6FX+xucW56WaGvSzzPGVWcIaDIwtAi3xdKqlMSWkDRpGrqi+PpAGkTtqSC1
mGY0uTlnz/Yi+rIR4wNP2Atl+DnBmq6sbtdF3my1nnT77nXhulnR3bEQJa4yQLi/
OEFLdh9bopxvcPWoPoU5/TSvHGcTA+4PHaDD0x6F2XbvQJBwVlo=
=F49g
-----END PGP SIGNATURE-----
More information about the Cosmic-changes
mailing list