Ubuntu
tomcat7 package

lp://staging/ubuntu/vivid-security/tomcat7

Vivid (15.04)
vivid-security

Created by Ubuntu Package Importer on 2015-06-25 and last modified on 2015-06-25

Get this branch:: bzr branch lp://staging/ubuntu/vivid-security/tomcat7

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

34. By Marc Deslauriers on 2015-06-19

* SECURITY UPDATE: SecurityManager bypass via Expression Language
  - debian/patches/CVE-2014-7810.patch: handle classes that may not be
    accessible but have accessible interfaces in
    java/javax/el/BeanELResolver.java, remove unnecessary code in
    java/org/apache/jasper/runtime/PageContextImpl.java,
    java/org/apache/jasper/security/SecurityClassLoad.java.
  - CVE-2014-7810

33. By Miguel Landaeta <email address hidden> on 2015-03-26

* Fix FTBFS error by making sure SSL unit tests use TLS protocols.
  - SSLv3 and previous protocols are not secure and deprecated
    in JDK7.
  - Additionally, some X509 certificates provided by upstream expired
    and were causing failures in unit tests as well, so they were
    regenerated. (Closes: #780519).
* Fix FTBFS error by disabling some unit tests that depends on
  having network access.

32. By Emmanuel Bourg on 2014-10-06

* New upstream release
* Install the extra jar catalina-jmx-remote.jar (Closes: #719921)
* Removed the note about the authbind IPv6 incompatibility
in /etc/defaults/tomcat7
* Added the SimpleInstanceManager class from Tomcat 8 to help integrating
the JSP compiler into Jetty 8

31. By Emmanuel Bourg on 2014-07-29

* New upstream release
* Refreshed the patches

30. By Tony Mancill on 2014-06-14

[ Emmanuel Bourg ]
* debian/defaults.template: Bumped the required version of Java mentioned
  in the comment on the JAVA_HOME variable
* debian/tomcat7.init: Search for OpenJDK 8 and Oracle JDKs when starting
  the server (Closes: #714349)
* Updated the version required for libtcnative-1 (>= 1.1.30)
  (Closes: #750454)

29. By Emmanuel Bourg on 2014-05-22

* New upstream release
* Refreshed the patches
* Use XZ compression for the upstream tarball

28. By Miguel Landaeta <email address hidden> on 2014-05-01

* New upstream release.
* Refresh patches:
  - debian/patches/0011-fix-classpath-lintian-warnings.patch.
  - debian/patches/0015_disable_test_TestCometProcessor.patch.
* Add new patch:
  - Disabled Java 8 support in JSPs (requires an Eclipse compiler update).
* Update my email address in Uploaders list.

27. By Gianfranco Costamagna on 2014-02-19

* Team upload.
* New upstream release.
- Addresses security issue: CVE-2014-0050

26. By James Page <email address hidden> on 2014-01-14

New upstream release.

25. By Tony Mancill on 2013-12-24

[ Gianfranco Costamagna ]
* Team upload.
* New upstream release, patch refresh.
* Renamed patch fix-manager-webapp.path
  to fix-manager-webapp.patch (extension typo).
* Refresh patches for upstream release.
* Removed -Djava.net.preferIPv4Stack=true
  from init script (lp: #1088681),
  thanks Hendrik Haddorp.
* Added webapp manager path patch (lp: #1128067)
  thanks TJ.

[ tony mancill ]
* Bump Standards-Version to 3.9.5.
* Change copyright year in javadocs to 2013.
* Add patch to include the distribution name in error pages.
(Closes: #729840)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://staging/ubuntu/wily/tomcat7

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntutomcat7 package