Viewing all changes in revision 25.
- Committer: Bazaar Package Importer
- Date: 2011-01-13 15:16:35 UTC
- Revision ID: james.westby@ubuntu.com-20110113151635-8kv67o69x3tcsrbn
* SECURITY UPDATE: cross-site scripting in Manager application
- debian/patches/0011-CVE-2010-4172.patch: add proper escaping to
java/org/apache/catalina/manager/JspHelper.java,
webapps/manager/WEB-INF/jsp/{sessionDetail,sessionsList}.jsp.
- patch from Debian 6.0.28-9 package
- CVE-2010-4172
- debian/patches/0011-CVE-2010-4172.patch: add proper escaping to
java/org/apache/catalina/manager/JspHelper.java,
webapps/manager/WEB-INF/jsp/{sessionDetail,sessionsList}.jsp.
- patch from Debian 6.0.28-9 package
- CVE-2010-4172
- files added:
- .pc/0011-CVE-2010-4172.patch
- .pc/0011-CVE-2010-4172.patch/java
- .pc/0011-CVE-2010-4172.patch/java/org
- .pc/0011-CVE-2010-4172.patch/java/org/apache
- .pc/0011-CVE-2010-4172.patch/java/org/apache/catalina
- .pc/0011-CVE-2010-4172.patch/java/org/apache/catalina/manager
- .pc/0011-CVE-2010-4172.patch/webapps
- .pc/0011-CVE-2010-4172.patch/webapps/manager
- .pc/0011-CVE-2010-4172.patch/webapps/manager/WEB-INF
- .pc/0011-CVE-2010-4172.patch/webapps/manager/WEB-INF/jsp
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
