Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.maint.java > #8884

Tomcat 6 security vulnerabilities in Wheezy

From Markus Koschany <apo@debian.org>
Newsgroups linux.debian.maint.java
Subject Tomcat 6 security vulnerabilities in Wheezy
Date 2016-02-18 14:50 +0100
Message-ID <r3x7Y-6f7-13@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

[Multipart message — attachments visible in raw view] - view raw

Hi,

According to [1] Tomcat 6 in Wheezy is still affected by a couple of
security vulnerabilities that were already fixed in Squeeze-LTS and
Jessie. Would it be sensible to apply the same changes (backporting the
6.0.41 release to Wheezy too) or are there any reasons why this has not
been done before? Has anybody spoken with the Security Team about Tomcat
security updates in general? Do they approve of backporting newer
upstream releases?

Regards,

Markus



[1] https://security-tracker.debian.org/tracker/source-package/tomcat6

Back to linux.debian.maint.java | Previous | NextNext in thread | Find similar

Thread

Tomcat 6 security vulnerabilities in Wheezy Markus Koschany <apo@debian.org> - 2016-02-18 14:50 +0100
  Re: Tomcat 6 security vulnerabilities in Wheezy tony mancill <tmancill@debian.org> - 2016-02-18 18:10 +0100
  Re: Tomcat 6 security vulnerabilities in Wheezy Emmanuel Bourg <ebourg@apache.org> - 2016-02-18 18:20 +0100
    Re: Tomcat 6 security vulnerabilities in Wheezy Markus Koschany <apo@debian.org> - 2016-02-18 18:30 +0100
      Re: Tomcat 6 security vulnerabilities in Wheezy Moritz Mühlenhoff <jmm@inutil.org> - 2016-02-18 20:50 +0100
        Re: Tomcat 6 security vulnerabilities in Wheezy Markus Koschany <apo@debian.org> - 2016-02-21 18:50 +0100
          Re: Tomcat 6 security vulnerabilities in Wheezy Markus Koschany <apo@debian.org> - 2016-02-27 23:50 +0100
            Re: Tomcat 6 security vulnerabilities in Wheezy Moritz Mühlenhoff <jmm@inutil.org> - 2016-03-14 23:10 +0100
              Re: Tomcat 6 security vulnerabilities in Wheezy Markus Koschany <apo@debian.org> - 2016-03-16 14:30 +0100
                Re: Tomcat 6 security vulnerabilities in Wheezy Moritz Mühlenhoff <jmm@inutil.org> - 2016-03-25 00:40 +0100

csiph-web