~ubuntu-branches/ubuntu/quantal/tomcat7/quantal-updates

Viewing all changes in revision 22.

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2013-01-10 09:35:41 UTC
Revision ID: package-import@ubuntu.com-20130110093541-olgyu15r27qx56hi

Tags: 7.0.30-0ubuntu1.1

* SECURITY UPDATE: CSRF bypass via request with no session identifier
  - debian/patches/CVE-2012-4431.patch: check for session identifier in
    java/org/apache/catalina/filters/CsrfPreventionFilter.java.
  - CVE-2012-4431

files added:
.pc/CVE-2012-4431.patch

.pc/CVE-2012-4431.patch/java

.pc/CVE-2012-4431.patch/java/org

.pc/CVE-2012-4431.patch/java/org/apache

.pc/CVE-2012-4431.patch/java/org/apache/catalina

.pc/CVE-2012-4431.patch/java/org/apache/catalina/filters

.pc/CVE-2012-4431.patch/java/org/apache/catalina/filters/CsrfPreventionFilter.java

debian/patches/CVE-2012-4431.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

java/org/apache/catalina/filters/CsrfPreventionFilter.java

expand all

Show diffs side-by-side

added added

removed removed

.pc/CVE-2012-4431.patch/

.pc/CVE-2012-4431.patch/java/

.pc/CVE-2012-4431.patch/java/org/

.pc/CVE-2012-4431.patch/java/org/apache/

.pc/CVE-2012-4431.patch/java/org/apache/catalina/

.pc/CVE-2012-4431.patch/java/org/apache/catalina/filters/

.pc/CVE-2012-4431.patch/java/org/apache/catalina/filters/CsrfPreventionFilter.java

.pc/applied-patches

debian/changelog

debian/patches/CVE-2012-4431.patch

debian/patches/series

java/org/apache/catalina/filters/CsrfPreventionFilter.java

Older »