Path: csiph.com!aioe.org!bofh.it!news.nic.it!robomod
From: Moritz Muehlenhoff <jmm@inutil.org>
Newsgroups: linux.debian.maint.java
Subject: Re: Tomcat 8 security update
Date: Mon, 30 May 2016 09:00:01 +0200
Message-ID: <rEpl7-EG-1@gated-at.bofh.it>
References: <rEhdU-3M0-21@gated-at.bofh.it> <rEi0h-4tt-1@gated-at.bofh.it> <rEijD-4CY-1@gated-at.bofh.it> <rEpbs-B4-27@gated-at.bofh.it>
X-Mailbox-Line: From debian-java-request@lists.debian.org  Mon May 30 06:50:57 2016
Old-Return-Path: <jmm@inutil.org>
X-Amavis-Spam-Status: No, score=-10.726 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
X-Policyd-Weight: using cached result; rate: -6.1
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.5.20 (2009-06-14)
X-Sa-Exim-Connect-IP: <locally generated>
X-Sa-Exim-Mail-From: jmm@inutil.org
X-Sa-Exim-Scanned: No (on inutil.org); SAEximRunCond expanded to false
X-Mailing-List: <debian-java@lists.debian.org> archive/latest/19473
List-ID: <debian-java.lists.debian.org>
List-URL: <https://lists.debian.org/debian-java/>
List-Archive: https://lists.debian.org/msgid-search/20160530065029.GA6951@inutil.org
Approved: robomod@news.nic.it
Lines: 17
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Cc: Markus Koschany <apo@debian.org>, "team@security.debian.org" <team@security.debian.org>, "debian-java@lists.debian.org" <debian-java@lists.debian.org>
X-Original-Date: Mon, 30 May 2016 08:50:29 +0200
X-Original-Message-ID: <20160530065029.GA6951@inutil.org>
X-Original-References: <0ff46564-4292-c688-61fe-aa885f69c70d@debian.org> <5ebe4f0d-65b7-9470-bce8-25c50ef76fdf@apache.org> <3ae472aa-29f8-bf20-205f-49f678c399c7@debian.org> <64ff92db-940a-0ef2-51e8-61afd8b4c29e@apache.org>
Xref: csiph.com linux.debian.maint.java:9145

On Mon, May 30, 2016 at 08:42:52AM +0200, Emmanuel Bourg wrote:
> Le 30/05/2016 à 01:24, Markus Koschany a écrit :
> 
> > OK, then let's update the third line to
> > 
> > chown -Rh $TOMCAT8_USER:$TOMCAT8_GROUP /etc/tomcat8/Catalina
> > /var/lib/tomcat8/webapps /var/lib/tomcat8/lib
> 
> I don't feel comfortable fixing #825786 directly in a stable security
> update. It would be safer to test it in unstable/testing first, we may
> have missed some important use cases.

Agreed, let's fix the remaining ones for now and have this cook in sid/stretch
first.

Cheers,
        Moritz