Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.maint.java > #9141
| Path | csiph.com!news.mixmin.net!news.unit0.net!news.panservice.it!bofh.it!news.nic.it!robomod |
|---|---|
| From | Markus Koschany <apo@debian.org> |
| Newsgroups | linux.debian.maint.java |
| Subject | Tomcat 8 security update |
| Date | Mon, 30 May 2016 00:20:02 +0200 |
| Message-ID | <rEhdU-3M0-21@gated-at.bofh.it> (permalink) |
| X-Original-To | "team@security.debian.org" <team@security.debian.org> |
| X-Mailbox-Line | From debian-java-request@lists.debian.org Sun May 29 22:12:34 2016 |
| Old-Return-Path | <apo@debian.org> |
| X-Amavis-Spam-Status | No, score=-12 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, PGPSIGNATURE=-5, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no |
| X-Policyd-Weight | using cached result; rate: -5 |
| User-Agent | Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.1.0 |
| MIME-Version | 1.0 |
| Content-Type | multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="RQrN3hrhlFPFxaHuLGaa2wctKhx0RH1cE" |
| X-Sa-Exim-Scanned | No (on richard.fcube.de); SAEximRunCond expanded to false |
| X-Mailing-List | <debian-java@lists.debian.org> archive/latest/19469 |
| List-ID | <debian-java.lists.debian.org> |
| List-URL | <https://lists.debian.org/debian-java/> |
| List-Archive | https://lists.debian.org/msgid-search/0ff46564-4292-c688-61fe-aa885f69c70d@debian.org |
| Approved | robomod@news.nic.it |
| Lines | 387 |
| Organization | linux.* mail to news gateway |
| Sender | robomod@news.nic.it |
| X-Original-Cc | "debian-java@lists.debian.org" <debian-java@lists.debian.org> |
| X-Original-Date | Mon, 30 May 2016 00:12:18 +0200 |
| X-Original-Message-ID | <0ff46564-4292-c688-61fe-aa885f69c70d@debian.org> |
| Xref | csiph.com linux.debian.maint.java:9141 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
Hi, I have prepared a security update for Tomcat 8 fixing 7 CVEs. In addition I would like to fix #825786. We currently overwrite file permissions in /etc/tomcat8/ unconditionally which could break user specific changes on upgrade. The fix is to revert to default file permissions root:root (rw-r-r) and change only /etc/tomcat8/tomcat-users.xml. Regards, Markus
Back to linux.debian.maint.java | Previous | Next — Next in thread | Find similar
Tomcat 8 security update Markus Koschany <apo@debian.org> - 2016-05-30 00:20 +0200
Re: Tomcat 8 security update Emmanuel Bourg <ebourg@apache.org> - 2016-05-30 01:10 +0200
Re: Tomcat 8 security update Markus Koschany <apo@debian.org> - 2016-05-30 01:30 +0200
Re: Tomcat 8 security update Emmanuel Bourg <ebourg@apache.org> - 2016-05-30 08:50 +0200
Re: Tomcat 8 security update Moritz Muehlenhoff <jmm@inutil.org> - 2016-05-30 09:00 +0200
csiph-web