[Bug 1073159] Re: Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
H.-Dirk Schmitt
dirk at computer42.org
Thu Dec 20 12:57:31 UTC 2012
Due to the following security problems the current 7.0.34 should be
backported.
* CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter (fixed > 7.0.31, affects quantal and precise)
* CVE-2012-3546 Apache Tomcat Bypass of security constraints (fixed > 7.0.29, affects precise)
* CVE-2012-4534 Apache Tomcat denial of service (fixed > 7.0.28, affects precise)
** Summary changed:
- Please backport tomcat7 7.0.30-0ubuntu1 (main) from quantal
+ Please backport tomcat7 7.0.34 (main) from raring to precise (and quantal)
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3546
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4431
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4534
** Also affects: quantal-backports
Importance: Undecided
Status: New
** Tags added: quantal
--
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to Precise Backports.
https://bugs.launchpad.net/bugs/1073159
Title:
Please backport tomcat7 7.0.34 (main) from raring to precise (and
quantal)
To manage notifications about this bug go to:
https://bugs.launchpad.net/precise-backports/+bug/1073159/+subscriptions
More information about the ubuntu-backports
mailing list