Path: csiph.com!aioe.org!bofh.it!news.nic.it!robomod
From: =?UTF-8?Q?Moritz_M=C3=BChlenhoff?= <jmm@inutil.org>
Newsgroups: linux.debian.maint.java
Subject: Re: Tomcat 6 security vulnerabilities in Wheezy
Date: Mon, 14 Mar 2016 23:10:01 +0100
Message-ID: <rcIQx-1o0-1@gated-at.bofh.it>
References: <r3x7Y-6f7-13@gated-at.bofh.it> <r3Apc-pQ-11@gated-at.bofh.it> <r3AyS-uN-9@gated-at.bofh.it> <r3CKn-23z-27@gated-at.bofh.it> <r4GiT-12G-47@gated-at.bofh.it> <r6VQt-1fb-1@gated-at.bofh.it>
X-Mailbox-Line: From debian-java-request@lists.debian.org  Mon Mar 14 22:06:53 2016
Old-Return-Path: <jmm@inutil.org>
X-Amavis-Spam-Status: No, score=-9.301 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, LDO_WHITELIST=-5, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
X-Policyd-Weight: using cached result; rate: -6.1
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.24 (2015-08-30)
X-Sa-Exim-Connect-IP: 95.33.106.37
X-Sa-Exim-Mail-From: jmm@inutil.org
X-Sa-Exim-Scanned: No (on inutil.org); SAEximRunCond expanded to false
X-Mailing-List: <debian-java@lists.debian.org> archive/latest/19258
List-ID: <debian-java.lists.debian.org>
List-URL: <https://lists.debian.org/debian-java/>
List-Archive: https://lists.debian.org/msgid-search/20160314220627.GA8779@pisco.westfalen.local
Approved: robomod@news.nic.it
Lines: 14
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Cc: "team@security.debian.org" <team@security.debian.org>, "debian-java@lists.debian.org" <debian-java@lists.debian.org>
X-Original-Date: Mon, 14 Mar 2016 23:06:27 +0100
X-Original-Message-ID: <20160314220627.GA8779@pisco.westfalen.local>
X-Original-References: <56C5CB0C.8040400@debian.org> <56C5FAF0.80801@apache.org> <56C5FE41.9020603@debian.org> <20160218194601.GA2305@pisco.westfalen.local> <56C9F70A.7050601@debian.org> <56D22719.5020003@debian.org>
Xref: csiph.com linux.debian.maint.java:8933

On Sat, Feb 27, 2016 at 11:45:45PM +0100, Markus Koschany wrote:
> Hi,
> 
> as you know Tomcat 6 is affected by new security vulnerabilities that
> are fixed in version 6.0.45. Do you want me to replace the last version
> I sent to you regarding Wheezy with this one or shall I upload version
> 6.0.41 instead, which is more tested, and prepare another upload
> afterwards. I wouldn't mind this incremental approach but I could also
> merge 6.0.45 into Wheezy right now.

Sorry for the late reply. Let's move to 6.0.45 rightaway.

Cheers,
        Moritz