[ubuntu/lucid-security] tomcat6 6.0.24-2ubuntu1.12 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jan 14 13:39:18 UTC 2013
tomcat6 (6.0.24-2ubuntu1.12) lucid-security; urgency=low
* SECURITY UPDATE: security-constraint bypass with FORM auth
- debian/patches/CVE-2012-3546.patch: remove unneeded code in
java/org/apache/catalina/realm/RealmBase.java.
- CVE-2012-3546
* SECURITY UPDATE: denial of service with NIO connector
- debian/patches/CVE-2012-4534.patch: properly handle connection breaks
in java/org/apache/tomcat/util/net/NioEndpoint.java.
- CVE-2012-4534
Date: 2013-01-10 15:16:37.412413+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/lucid/+source/tomcat6/6.0.24-2ubuntu1.12
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list