[Bug 1057111] [NEW] Sync tomcat6 6.0.35-5 (universe) from Debian unstable (main)
Logan Rosen
1057111 at bugs.launchpad.net
Wed Sep 26 19:20:53 UTC 2012
*** This bug is a security vulnerability ***
Public security bug reported:
Please sync tomcat6 6.0.35-5 (universe) from Debian unstable (main)
Changelog entries since current quantal version 6.0.35-4:
tomcat6 (6.0.35-5) unstable; urgency=low
* Apply patch to README.Debian to explain setting the HTTPOnly flag
in cookies by default; CVE-2010-4312. (Closes: #608286)
- Thank you to Thijs Kinkhorst for the patch.
* Use ucf and a template for /etc/logrotate.d/tomcat6 file to avoid
updating the shipped conffile. (Closes: #687818)
-- tony mancill <tmancill at debian.org> Mon, 06 Aug 2012 21:29:11 -0700
** Affects: tomcat6 (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4312
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1057111
Title:
Sync tomcat6 6.0.35-5 (universe) from Debian unstable (main)
Status in “tomcat6” package in Ubuntu:
New
Bug description:
Please sync tomcat6 6.0.35-5 (universe) from Debian unstable (main)
Changelog entries since current quantal version 6.0.35-4:
tomcat6 (6.0.35-5) unstable; urgency=low
* Apply patch to README.Debian to explain setting the HTTPOnly flag
in cookies by default; CVE-2010-4312. (Closes: #608286)
- Thank you to Thijs Kinkhorst for the patch.
* Use ucf and a template for /etc/logrotate.d/tomcat6 file to avoid
updating the shipped conffile. (Closes: #687818)
-- tony mancill <tmancill at debian.org> Mon, 06 Aug 2012 21:29:11
-0700
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tomcat6/+bug/1057111/+subscriptions
More information about the Ubuntu-sponsors
mailing list