[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 753-1] tomcat7 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : tomcat7
Version        : 7.0.28-4+deb7u8
CVE ID         : CVE-2016-9774
Debian Bug     : 845393 845425 846298

Paul Szabo discovered a potential privilege escalation that could be
exploited in the situation envisaged in DLA-622-1. This update also
addresses several regressions stemming from incomplete fixes for
CVE-2015-5345, CVE-2016-5018 and CVE-2016-6797.

For Debian 7 "Wheezy", these problems have been fixed in version
7.0.28-4+deb7u8.

We recommend that you upgrade your tomcat7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlhW7NpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeR43BAAqZtj7SJ61ecT8DfS/4/M6lVnuunqBWDoqjZz51hBTxAqvh8j3I+OWK9l
lW7xWG5vL8ht40hNL2c3QVq/EDYIfOOgM/6co1BnW6m9DZLEFbykHd9x3dcb+xZw
6/JU/eRhnQTb+w+GBuq0QYE/xCupZhq1wpaIke4VC/BRkEMMxup2B4TubJ2304pt
ZE5tnwWIYog81UocYMKSMimxJFmJUL9iLI6Mnx8ox7zazXPTEOC1+Xj4t6TPzGTx
i60oH1Yz+0E++rkHDDQ8iu6EIN0whMQkUR8WreC5GdbOoJ+WU32yTc9F4bRJXxsc
j7OAMSnIuNIGlYuleyZIeXbHp7fNTGhpFa2HgcWSQJ53nCikdeasodvSedDrbT/9
iqHSMfY7rhxUj3aJbi5am3wXG+FYZvkaqR/0WxnIdR7QGz/ESDWwvo5dWujVrWrM
qfAsBCvOXr26pmq6FB7G/eVqHieBpU4XrhiXE0L40iHfyRYAZH1nEBkFWAhzl/6y
ojc3TFcslaYGEbYXTdHSfBZKuI4oZ+rbh4xfrEy+FdCCf8JPIdBCkiotsadxV9ny
iVSTSYroBamy0mz1w8GGwrK1/pBYvUWcAbQQ1g/20TTlleLUMTzy0qVv9+OtYBZW
zRtqcF00ULRnhn89j8s/dzSTS8Uu6Fn0Hz8daWJIhuixmjE1tnU=
=If55
-----END PGP SIGNATURE-----


Reply to: