Please merge tomcat5.5 5.5.26-5 (universe) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tomcat5.5 (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: tomcat5.5
Ubuntu changes:
* Set java source and target version to 1.5 (LP: #264808)
* Don't fail install if Tomcat cannot be started (LP: #274365, LP: #212536)
* Fix tomcat5.5 Java environment to match status of Java in intrepid:
- control: Moved Java runtime deps to libtomcat5.5-java
- control: Depends on default-
- tomcat5.5.init: Fix JVM list to match java2-runtime-
- rules, control: Builds with default-jdk, libecj-java build-dep added
- Fixes LP: #212521, LP: #179447
* tomcat5.5.postinst: Removed superfluous /etc/tomcat5.
* rules, tomcat5.5.init: implement TearDown spec
* tomcat5.5.install: don't install catalina.policy (LP: #112626)
* Fix CVE-2008-1232 cross-site scripting vulnerability (LP: #256926)
* Fix CVE-2008-2370 information disclosure vulnerability (LP: #256922)
* Fix CVE-2008-2938 directory traversal (LP: #256802)
Debian changes:
* Merge changes from Ubuntu:
- Use default-
- tomcat5.5.init: Fix JDK list to match default-jre, java-6-openjdk
and java-6-cacao. Closes: #495235.
- tomcat5.5.postinst: Removed superfluous /etc/tomcat5.
Closes: #498487.
* debian/copyright: Reference Apache 2.0 license in /usr/share/
* Security issues fixed.
- CVE-2008-1232: Cross-site scripting
- CVE-2008-2370: Information disclosure
- CVE-2008-2938: Directory traversal. Closes: #496309.
Related branches
Changed in tomcat5.5: | |
assignee: | nobody → tcarrez |
importance: | Undecided → Wishlist |
status: | New → In Progress |
Changed in tomcat5.5: | |
status: | Confirmed → Incomplete |
Debdiff from Debian version to Merged version.
Remaining changes: tomcat5. 5.init: Fix JVM list to match java2-runtime- headless providers, and do not refuse using JREs tomcat5. 5.init: Implement TearDown spec tomcat5. 5.install: Don't install catalina.policy
- debian/control: add libecj-java builddep to fix FTBFS with default-jdk
- debian/rules: Set java source and target version to 1.5
- debian/rules: Don't fail install if Tomcat cannot be started
- debian/
- debian/rules, debian/
- debian/
Additional changes: tomcat5. 5.init: Added LSB exit codes to status action (LP: #298051)
- debian/changelog: Cleaned up duplicate entries
- debian/