Outstanding low priority security bugs in the tomcat7 packages
Bug #1449975 reported by
Andrea Dell'Amico
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tomcat7 (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
Some security vulnerabilities have been fixed after the release of tomcat 7.0.52 that is packaged for Trusty: http://
None of them have been backported. I see the same behaviour with older distributions, too. Is there a chance to have the security vulnerabilities fixed or I have to produce a tomcat package by myself?
To post a comment you must log in.
Thanks for reporting this issue.
You can track the security updates for tomcat 7 here: people. canonical. com/~ubuntu- security/ cve/pkg/ tomcat7. html
http://
CVE-2014-0075, CVE-2014-0096 and CVE-2014-0099 have been published for trusty in this advisory: www.ubuntu. com/usn/ usn-2302- 1/
http://
CVE-2014-0119, CVE-2014-0227 and CVE-2014-0230 have been rated as being "low" priority, which means we will include them in a security update once a more important issue comes up.