-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2013-05-21 09:39:22 UTC
-
Revision ID:
package-import@ubuntu.com-20130521093922-ickfs3vu61z2zjoy
Tags: 6.0.35-1ubuntu3.3
* SECURITY UPDATE: denial of service via chunked transfer encoding
- debian/patches/CVE-2012-3544.patch: properly parse CRLF in requests
in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java.
- CVE-2012-3544
* SECURITY UPDATE: FORM authentication request injection
- debian/patches/CVE-2013-2067.patch: properly change session ID
in java/org/apache/catalina/authenticator/FormAuthenticator.java.
- CVE-2013-2067