[ubuntu/yakkety-proposed] tomcat7 7.0.70-3 (Accepted)

LocutusOfBorg costamagnagianfranco at yahoo.it
Fri Sep 16 17:34:42 UTC 2016


tomcat7 (7.0.70-3) unstable; urgency=high

  * Team upload.
  * Fixed CVE-2016-1240: A flaw in the init.d startup script allows local
    attackers who have gained access to the server in the context of the
    tomcat user through a vulnerability in a web application to replace
    the catalina.out file with a symlink to an arbitrary file on the system,
    potentially leading to a root privilege escalation.
    Thanks to Dawid Golunski for the report.

Date: 2016-09-16 10:28:43.200633+00:00
Changed-By: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>
Signed-By: LocutusOfBorg <costamagnagianfranco at yahoo.it>
https://launchpad.net/ubuntu/+source/tomcat7/7.0.70-3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Yakkety-changes mailing list