This bug was fixed in the package tomcat5.5 - 5.5.26-3ubuntu1
--------------- tomcat5.5 (5.5.26-3ubuntu1) intrepid; urgency=low
* Fix tomcat5.5 Java environment to match status of Java in intrepid: - control: Moved Java runtime deps to libtomcat5.5-java - control: Depends on default-jre-headless | java2-runtime-headless - tomcat5.5.init: Fix JVM list to match java2-runtime-headless - rules, control: Builds with default-jdk, libecj-java build-dep added - Fixes LP: #212521, LP: #179447 * tomcat5.5.postinst: Removed superfluous /etc/tomcat5.5/tomcat5.5 linking * rules, tomcat5.5.init: implement TearDown spec * tomcat5.5.install: don't install catalina.policy (LP: #112626) * Fix CVE-2008-1232 cross-site scripting vulnerability (LP: #256926) * Fix CVE-2008-2370 information disclosure vulnerability (LP: #256922) * Fix CVE-2008-2938 directory traversal (LP: #256802)
-- Thierry Carrez <email address hidden> Wed, 10 Sep 2008 12:00:09 +0200
This bug was fixed in the package tomcat5.5 - 5.5.26-3ubuntu1
---------------
tomcat5.5 (5.5.26-3ubuntu1) intrepid; urgency=low
* Fix tomcat5.5 Java environment to match status of Java in intrepid: jre-headless | java2-runtime- headless headless 5/tomcat5. 5 linking
- control: Moved Java runtime deps to libtomcat5.5-java
- control: Depends on default-
- tomcat5.5.init: Fix JVM list to match java2-runtime-
- rules, control: Builds with default-jdk, libecj-java build-dep added
- Fixes LP: #212521, LP: #179447
* tomcat5.5.postinst: Removed superfluous /etc/tomcat5.
* rules, tomcat5.5.init: implement TearDown spec
* tomcat5.5.install: don't install catalina.policy (LP: #112626)
* Fix CVE-2008-1232 cross-site scripting vulnerability (LP: #256926)
* Fix CVE-2008-2370 information disclosure vulnerability (LP: #256922)
* Fix CVE-2008-2938 directory traversal (LP: #256802)
-- Thierry Carrez <email address hidden> Wed, 10 Sep 2008 12:00:09 +0200