- 24 Aug, 2018 4 commits
-
-
Markus Koschany authored
-
Markus Koschany authored
-
Markus Koschany authored
-
Markus Koschany authored
-
- 12 Apr, 2018 1 commit
-
-
Markus Koschany authored
tomcat8 (8.5.14-1+deb9u2) stretch-security; urgency=high * Team upload. * Fix CVE-2017-7674: The CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. * Fix CVE-2017-7675: The HTTP/2 implementation bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL.
-
- 21 Jun, 2017 1 commit
-
-
Emmanuel Bourg authored
Fixed CVE-2017-5664: Static error pages can be overwritten if the DefaultServlet is configured to permit writes (Closes: #864447)
-
- 07 May, 2017 1 commit
-
-
Emmanuel Bourg authored
-
- 20 Apr, 2017 5 commits
-
-
Emmanuel Bourg authored
Upstream version 8.5.14
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Upstream version 8.5.13
-
Emmanuel Bourg authored
-
- 18 Apr, 2017 3 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Upstream version 8.5.12
-
- 12 Apr, 2017 5 commits
-
-
Markus Koschany authored
-
Markus Koschany authored
-
Markus Koschany authored
-
Markus Koschany authored
-
Markus Koschany authored
Thanks: Salvatore Bonaccorso for the report. Closes: #860068 Add CVE patches to series file.
-
- 10 Mar, 2017 1 commit
-
-
Emmanuel Bourg authored
-
- 17 Jan, 2017 1 commit
-
-
Emmanuel Bourg authored
-
- 11 Jan, 2017 3 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Upstream version 8.5.11
-
Emmanuel Bourg authored
-
- 06 Jan, 2017 3 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Upstream version 8.5.10
-
Emmanuel Bourg authored
-
- 20 Dec, 2016 1 commit
-
-
Emmanuel Bourg authored
-
- 19 Dec, 2016 1 commit
-
-
Emmanuel Bourg authored
-
- 18 Dec, 2016 1 commit
-
-
Emmanuel Bourg authored
-
- 08 Dec, 2016 1 commit
-
-
Emmanuel Bourg authored
-
- 07 Dec, 2016 2 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Restored the classloading from the common, server and shared directories under CATALINA_BASE (Closes: #847137)
-
- 05 Dec, 2016 3 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
Upstream version 8.5.9
-
Emmanuel Bourg authored
-
- 01 Dec, 2016 3 commits
-
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
-
Emmanuel Bourg authored
-