~ubuntu-branches/ubuntu/quantal/tomcat7/quantal-security

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-03-04 10:45:20 UTC
  • Revision ID: package-import@ubuntu.com-20140304104520-77300687zvi86zm5
Tags: 7.0.30-0ubuntu1.3
* SECURITY UPDATE: request smuggling attack via content-length headers
  - debian/patches/CVE-2013-4286.patch: use long as content length in
    java/org/apache/coyote/Request.java, handle multiple content lengths
    in java/org/apache/coyote/ajp/AbstractAjpProcessor.java, handle
    content length and chunked encoding being both specified in
    java/org/apache/coyote/http11/AbstractHttp11Processor.java.
  - CVE-2013-4286
* SECURITY UPDATE: denial of service via chunked transfer coding
  - debian/patches/CVE-2013-4322.patch: enforce maximum size in
    java/org/apache/coyote/http11/{AbstractHttp11Processor.java,
    AbstractHttp11Protocol.java, Http11AprProcessor.java,
    Http11AprProtocol.java, Http11NioProcessor.java,
    Http11NioProtocol.java, Http11Processor.java, Http11Protocol.java},
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    test/org/apache/coyote/http11/filters/TestChunkedInputFilter.java,
    webapps/docs/config/http.xml.
  - CVE-2013-4322
* SECURITY UPDATE: denial of service via malformed content-type header
  - debian/patches/CVE-2014-0050.patch: validate sizes in
    java/org/apache/tomcat/util/http/fileupload/FileUploadBase.java,
    java/org/apache/tomcat/util/http/fileupload/MultipartStream.java.
  - CVE-2014-0050
* d/p/0018-update-test-certificates.patch: remove binary parts to
  support newer quilt.
Filename Latest Rev Last Changed Committer Comment Size
..
.pc 2 12 years ago Bazaar Package Importer * Team upload. * New upstream release. Thank you Diff
bin 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
conf 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
debian 2 12 years ago Bazaar Package Importer * Team upload. * New upstream release. Thank you Diff
java 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
modules 1.1.1 12 years ago Bazaar Package Importer Import upstream version 7.0.16 Diff
res 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
test 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
webapps 1 12 years ago Bazaar Package Importer Import upstream version 7.0.14 Diff
.gitignore 1.1.7 11 years ago Package Import Robot Import upstream version 7.0.27 1.3 KB Diff Download File
build.properties.default 1.1.10 11 years ago Package Import Robot Import upstream version 7.0.30 9.8 KB Diff Download File
build.xml 20 11 years ago Package Import Robot * Re-sync with Debian unstable. * New upstream rel 101 KB Diff Download File
BUILDING.txt 1.1.10 11 years ago Package Import Robot Import upstream version 7.0.30 12.5 KB Diff Download File
KEYS 1.1.5 12 years ago Package Import Robot Import upstream version 7.0.23 28.7 KB Diff Download File
LICENSE 1.1.8 11 years ago Package Import Robot Import upstream version 7.0.28 55.4 KB Diff Download File
NOTICE 1.1.8 11 years ago Package Import Robot Import upstream version 7.0.28 1.1 KB Diff Download File
RELEASE-NOTES 1.1.5 12 years ago Package Import Robot Import upstream version 7.0.23 8.6 KB Diff Download File
RUNNING.txt 1.1.8 11 years ago Package Import Robot Import upstream version 7.0.28 15.3 KB Diff Download File
STATUS.txt 1.1.8 11 years ago Package Import Robot Import upstream version 7.0.28 1.6 KB Diff Download File