1. 12 Apr, 2018 1 commit
    • Markus Koschany's avatar
      Import Debian changes 8.5.14-1+deb9u2 · b2b30054
      Markus Koschany authored
      tomcat8 (8.5.14-1+deb9u2) stretch-security; urgency=high
      
        * Team upload.
        * Fix CVE-2017-7674:
          The CORS Filter did not add an HTTP Vary header indicating that the
          response varies depending on Origin. This permitted client and server side
          cache poisoning in some circumstances.
        * Fix CVE-2017-7675:
          The HTTP/2 implementation bypassed a number of security checks that
          prevented directory traversal attacks. It was therefore possible to bypass
          security constraints using a specially crafted URL.
      b2b30054
  2. 21 Jun, 2017 1 commit
  3. 07 May, 2017 1 commit
  4. 20 Apr, 2017 5 commits
  5. 18 Apr, 2017 3 commits
  6. 12 Apr, 2017 5 commits
  7. 10 Mar, 2017 1 commit
  8. 17 Jan, 2017 1 commit
  9. 11 Jan, 2017 3 commits
  10. 06 Jan, 2017 3 commits
  11. 20 Dec, 2016 1 commit
  12. 19 Dec, 2016 1 commit
  13. 18 Dec, 2016 1 commit
  14. 08 Dec, 2016 1 commit
  15. 07 Dec, 2016 2 commits
  16. 05 Dec, 2016 3 commits
  17. 01 Dec, 2016 7 commits