Change log for tomcat5.5 package in Ubuntu
1 → 18 of 18 results | First • Previous • Next • Last |
tomcat5.5 (5.5.25-5ubuntu1.3) hardy-security; urgency=low * SECURITY UPDATE: Apache Tomcat Authentication bypass and information disclosure (LP: #843701). - connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java: Prevent AJP request forgery via unread request body packet - upstream patch from Mark Thomas - http://svn.apache.org/viewvc?view=revision&revision=1162960 - CVE-2011-3190 -- James Page <email address hidden> Mon, 26 Sep 2011 11:42:02 +0100
Available diffs
tomcat5.5 (5.5.25-5ubuntu1.2) hardy-proposed; urgency=low * debian/tomcat5.5.init: Add OpenJDK to the JVM list and stop refusing JREs so that Tomcat 5.5 starts up correctly with all the java2-runtime providers in hardy (LP: #179447, LP: #212521) -- Thierry Carrez <email address hidden> Mon, 22 Sep 2008 10:48:30 +0200
Available diffs
Deleted in karmic-release (Reason: (From Debian) RoM; superseded by new upstream version) |
Obsolete in jaunty-release |
tomcat5.5 (5.5.26-5ubuntu1) jaunty; urgency=low * Merge from debian unstable (LP: #298043), remaining changes: - debian/control: add libecj-java builddep to fix FTBFS with default-jdk - debian/rules: Set java source and target version to 1.5 - debian/rules: Don't fail install if Tomcat cannot be started - debian/tomcat5.5.init: Fix JVM list to match java2-runtime-headless providers, and do not refuse using JREs - debian/tomcat5.5.install: Don't install catalina.policy * debian/changelog: Removed duplicate entries * debian/tomcat5.5.init: Added LSB exit codes to status action (LP: #298051) * debian/rules: dropped Ubuntu-specific TearDown implementation which might break LifecycleListener
Available diffs
tomcat5.5 (5.5.26-3ubuntu3) intrepid; urgency=low * Set java source and target version to 1.5 (LP: #264808) -- Thierry Carrez <email address hidden> Mon, 20 Oct 2008 13:47:15 +0200
Available diffs
- diff from 5.5.26-3ubuntu2 to 5.5.26-3ubuntu3 (561 bytes)
Superseded in intrepid-release |
tomcat5.5 (5.5.26-3ubuntu2) intrepid; urgency=low * Don't fail install if Tomcat cannot be started (LP: #274365, LP: #212536) -- Thierry Carrez <email address hidden> Mon, 29 Sep 2008 15:03:01 +0200
Available diffs
- diff from 5.5.26-3ubuntu1 to 5.5.26-3ubuntu2 (504 bytes)
Superseded in intrepid-release |
tomcat5.5 (5.5.26-3ubuntu1) intrepid; urgency=low * Fix tomcat5.5 Java environment to match status of Java in intrepid: - control: Moved Java runtime deps to libtomcat5.5-java - control: Depends on default-jre-headless | java2-runtime-headless - tomcat5.5.init: Fix JVM list to match java2-runtime-headless - rules, control: Builds with default-jdk, libecj-java build-dep added - Fixes LP: #212521, LP: #179447 * tomcat5.5.postinst: Removed superfluous /etc/tomcat5.5/tomcat5.5 linking * rules, tomcat5.5.init: implement TearDown spec * tomcat5.5.install: don't install catalina.policy (LP: #112626) * Fix CVE-2008-1232 cross-site scripting vulnerability (LP: #256926) * Fix CVE-2008-2370 information disclosure vulnerability (LP: #256922) * Fix CVE-2008-2938 directory traversal (LP: #256802) -- Thierry Carrez <email address hidden> Wed, 10 Sep 2008 12:00:09 +0200
Available diffs
- diff from 5.5.26-3 to 5.5.26-3ubuntu1 (4.4 KiB)
tomcat5.5 (5.5.25-5ubuntu1.1) hardy-security; urgency=low * SECURITY UPDATE: Fix information disclosure vulnerability that allowed to access unauthorized content, fix directory traversal vulnerability that could on specific configurations lead to the disclosure of sensitive files, and fix two cross-site-scripting issues that could result in arbitrary content being injected into the HTTP response. * Security patches from upstream SVN, applied inline (LP: #256802, LP: #256922, LP: #256926, LP: #270553) * References CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CVE-2008-2938 -- Thierry Carrez <email address hidden> Mon, 15 Sep 2008 17:13:15 +0200
Available diffs
tomcat5.5 (5.5.26-3) unstable; urgency=high * CVE-2008-1947: Fix XSS issue in host-manager web application. Closes: #484643 -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 07 Jun 2008 12:43:41 +0100
Available diffs
- diff from 5.5.26-2 to 5.5.26-3 (816 bytes)
tomcat5.5 (5.5.26-2) unstable; urgency=low * Fixed bootstrap.MF to put commons-logging-api.jar onto classpath instead of commons-logging-api-1.1.1.jar. Closes: #477363 -- Ubuntu Archive Auto-Sync <email address hidden> Mon, 02 Jun 2008 15:13:06 +0100
Available diffs
- diff from 5.5.26-1 to 5.5.26-2 (472 bytes)
tomcat5.5 (5.5.26-1) unstable; urgency=low [ Michael Koch ] * New upstream release. - CVE-2007-5333: unauthorized disclosure of information. Closes: #465645 - CVS-2007-6286: handling of empty requests. * debian/rules: Don't file when files to delete don't exist. Closes: #458977 * debian/tomcat5.5.init: Change directory to $CATALINA_BASE/temp before starting the daemon. Patch by David Pashley. Closes: #418826 * debian/tomcat5.5.init: Use 'printf' instead of 'echo -e'. Closes: #472899 [ Marcus Better ] * debian/policy/04webapps.policy: Grant read permission to JULI for the (non-existing) logging.properties file in the example webapps. Closes: #460839. -- Onkar Shinde <email address hidden> Thu, 29 May 2008 14:07:58 +0100
Available diffs
- diff from 5.5.25-5ubuntu1 to 5.5.26-1 (205.6 KiB)
tomcat5.5 (5.5.25-5ubuntu1) hardy; urgency=low * Merge from Debian unstable (LP: #153672, LP: #159661, LP: #161882, LP: #173692, LP: #179491), remaining changes: - debian/control: Change the Maintainer address. - debian/rules: Force flag passed to rm to `prune files that should not be installed at all'.
tomcat5.5 (5.5.25-1ubuntu1) gutsy; urgency=low * Merged from Debian revision 5.5.25-1; remaining Ubuntu changes: - Modified build-deps. - Force flag passed to rm to `prune files that should not be installed at all'. * This fixes CVE-2007-1355, CVS-2007-2449 and CVE-2007-2450 (LP: #150755). -- Philipp Kern <email address hidden> Mon, 08 Oct 2007 23:59:20 +0200
Superseded in gutsy-release |
tomcat5.5 (5.5.20-5ubuntu2) gutsy; urgency=low * Replace the Depends on ecj-bootstrap with ecj. -- Steve Kowalik <email address hidden> Tue, 7 Aug 2007 23:04:03 +1000
Superseded in gutsy-release |
tomcat5.5 (5.5.20-5ubuntu1) gutsy; urgency=low * Merge from debian unstable, remaining changes: - debian/control: Added removed (from debian) build-dep on xsltproc * debian/control: - Added Ubuntu MOTU Maintainer, moved old one to XSBC-Original-...
tomcat5.5 (5.5.20-4ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: - debian/control: Added removed (from debian) build-dep on xsltproc
Superseded in feisty-release |
tomcat5.5 (5.5.20-2ubuntu1) feisty; urgency=low * Merge from debian unstable. * New Ubuntu changes: - debian/control: Added removed (from debian) build-dep on xsltproc - debian/rules: added a -f to a rm command, which fails, when those files are not there.
tomcat5.5 (5.5.17-1ubuntu1) edgy; urgency=low * (Build-) depend on libmx4j-java (>= 3.0).
tomcat5.5 (5.5.15-1) experimental; urgency=low * Arnaud Vandyck <email address hidden>: + All the work as been done by Wolfgang to have this package in Debian. + The package is now tomcat5.5 and not tomcat5. + Now build with gcj instead of kaffe. + Put cdbs and debhelper in Build-Depends. + Standards-Version updated to 3.7.2. + tomcat depends on tomcat-webapps and tomcat-admin, not only suggest * New major upstream release + New source layout - adaptions all over the place + Ported all patches to new source layout + Added patch (09_UseSystemDBCP.patch) to use system dbcp instead of repackaged tomcat stuff (naming-factory-dbcp.jar) + Drop now unneeded dependencies on libsaxpath-java, libjaxen-java, libregexp-java from build-dependencies and dependencies + Move dependency on libcommons-collections3-java, libcommons-fileupload-java, libcommons-beanutils-java and libcommons-digester-java to tomcat5-admin (only needed here) + Move libraries around as required by new binary layout (e.g. i18n jars into own directory) + Moved and linked new jars (tomcat-jkstatus-ant.jar, tomcat-juli.jar) + Updated 03catalina.policy to include tomcat-juli.jar, remove launcher.jar + Install ant task definitions with libtomcat5-java * Remove JDK 1.3 directories from JDK_DIRS in tomcat.init (not supported) * Updated tomcat.default to remove JDK 1.3 options * Updated description to include host-manager, fixed URLs * Minor updates in README.Debian
1 → 18 of 18 results | First • Previous • Next • Last |