[Bug 298043] Re: Please merge tomcat5.5 5.5.26-5 (universe) from Debian unstable (main)

Launchpad Bug Tracker 298043 at bugs.launchpad.net
Tue Nov 18 14:10:17 GMT 2008 

This bug was fixed in the package tomcat5.5 - 5.5.26-5ubuntu1

---------------
tomcat5.5 (5.5.26-5ubuntu1) jaunty; urgency=low

  * Merge from debian unstable (LP: #298043), remaining changes:
    - debian/control: add libecj-java builddep to fix FTBFS with default-jdk
    - debian/rules: Set java source and target version to 1.5
    - debian/rules: Don't fail install if Tomcat cannot be started
    - debian/tomcat5.5.init: Fix JVM list to match java2-runtime-headless
      providers, and do not refuse using JREs
    - debian/tomcat5.5.install: Don't install catalina.policy
  * debian/changelog: Removed duplicate entries
  * debian/tomcat5.5.init: Added LSB exit codes to status action (LP: #298051)
  * debian/rules: dropped Ubuntu-specific TearDown implementation which might
    break LifecycleListener

tomcat5.5 (5.5.26-5) unstable; urgency=medium

  * Merge changes from Ubuntu:
    - Use default-jre-headless, default-jdk as preferred alternatives.
    - tomcat5.5.init: Fix JDK list to match default-jre, java-6-openjdk
      and java-6-cacao. Closes: #495235.
    - tomcat5.5.postinst: Removed superfluous /etc/tomcat5.5/tomcat5.5 linking.
      Closes: #498487.
  * debian/copyright: Reference Apache 2.0 license in /usr/share/common/licenses

tomcat5.5 (5.5.26-4) unstable; urgency=high

  * Security issues fixed.
    - CVE-2008-1232: Cross-site scripting
    - CVE-2008-2370: Information disclosure
    - CVE-2008-2938: Directory traversal. Closes: #496309.

tomcat5.5 (5.5.26-3ubuntu3) intrepid; urgency=low

  * Set java source and target version to 1.5 (LP: #264808)

 -- Thierry Carrez <thierry.carrez at ubuntu.com>   Tue, 18 Nov 2008
13:52:48 +0100

** Changed in: tomcat5.5 (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-1232

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2370

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2938

-- 
Please merge tomcat5.5 5.5.26-5 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/298043
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.

More information about the Ubuntu-universe-sponsors mailing list