[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 746-2] tomcat6 regression update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tomcat6
Version        : 6.0.45+dfsg-1~deb7u5
Debian Bug     : 848492

The last security update introduced a regression due to the use of
StringManager in the ResourceLinkFactory class. The code was removed
again since it is not strictly required to resolve CVE-2016-6797.

For Debian 7 "Wheezy", these problems have been fixed in version
6.0.45+dfsg-1~deb7u5.

We recommend that you upgrade your tomcat6 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlhVt3ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeRBBg//Uv4ut+P/bhHfyeQOnV7RYo3RcYUlhjKaDov/rFjkYLuOEsYtDTT79P7C
L+beyhJj8KveH9EvO4UiUjq1BZB85wALHlnM2NtRDKVlmW3Xy7qTpjCIxJi5Wfmu
wi01XleaXnrC3CG20npjLA70gmQ2sahZKEo6qwndIu/0RPTg/MIr3v2SqE7asOyR
CL1J/e++9D+zGrNT8PZj3C3IAPMqjm6+952qaU6TNDXe+StNm8wVlOwsyb/zu607
PwHWQZktFPnRdipzdPQMzxisXP0RFY9Nt6ClPr5W/lv+qYvYJ5GkFu0bFy9HMGM5
i35JoSNDca8s39dnRcE804dErfSirM+AGtYVflb+NTunS5IdTwkD3O+UgLvjAXP9
d7Uh9BWUYSGfvUHL0eU8snU1IW76d8JO0bM2jPSKZ7jB442ih0ox1BlRrNUz0OC7
7UpZdBxUcq4i8mJgScdlLQhrYNeA88PzwCYLf+Qona0Ss2C9Xk8AwYou4LOjHU+J
qAJ62cOAp+SKcslEZRQIIT8WkEbdQPAl7/YQiXbDF6c2gGY5eMYvOqmJlVrvUY40
BqPwT+8sWzDNdnociGWvlMnMiLtxyYK6oz0Ygqk5WjImkDfXTq5tbFhWfw7rFSpO
qGXsr080K9vFDT1QY19Mr32SSwF8Gc/Xu9MM3+6p/zK2vAhvRKc=
=zWKq
-----END PGP SIGNATURE-----
Reply to: