[SECURITY] [DLA 746-2] tomcat6 regression update


Package : tomcat6 Version : 6.0.45+dfsg-1~deb7u5 Debian Bug : 848492 The last security update introduced a regression due to the use of StringManager in the ResourceLinkFactory class. The code was removed again since it is not strictly required to resolve CVE-2016-6797. For Debian 7 "Wheezy", these problems have been fixed in version 6.0.45+dfsg-1~deb7u5. We recommend that you upgrade your tomcat6 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Affected Package

OS OS Version Package Name Package Version
Debian 8 libservlet3.1-java-doc 8.0.14-1+deb8u4
Debian 7 libservlet2.5-java 6.0.45+dfsg-1~deb7u3
Debian 8 libtomcat7-java 7.0.56-3+deb8u5
Debian 8 tomcat8-user 8.0.14-1+deb8u4
Debian 8 libservlet3.0-java 7.0.56-3+deb8u5
Debian 7 tomcat6-extras 6.0.45+dfsg-1~deb7u5
Debian 8 tomcat7-user 7.0.56-3+deb8u5
Debian 7 libtomcat6-java 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat6-common 6.0.45+dfsg-1~deb7u3
Debian 8 tomcat8-docs 8.0.14-1+deb8u4
Debian 7 tomcat7-common 7.0.28-4+deb7u7
Debian 7 tomcat6-admin 6.0.45+dfsg-1~deb7u3
Debian 7 libservlet2.5-java-doc 6.0.45+dfsg-1~deb7u5
Debian 7 libservlet3.0-java 7.0.28-4+deb7u7
Debian 8 tomcat7 7.0.56-3+deb8u5
Debian 8 tomcat7-examples 7.0.56-3+deb8u5
Debian 7 libservlet2.4-java 6.0.45+dfsg-1~deb7u3
Debian 7 libtomcat6-java 6.0.45+dfsg-1~deb7u3
Debian 7 tomcat6 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat6-examples 6.0.45+dfsg-1~deb7u3
Debian 8 tomcat8 8.0.14-1+deb8u4
Debian 8 libservlet3.0-java-doc 7.0.56-3+deb8u5
Debian 8 libservlet3.1-java 8.0.14-1+deb8u4
Debian 8 tomcat8-common 8.0.14-1+deb8u4
Debian 7 tomcat6 6.0.45+dfsg-1~deb7u3
Debian 7 libservlet3.0-java-doc 7.0.28-4+deb7u7
Debian 7 libservlet2.5-java-doc 6.0.45+dfsg-1~deb7u3
Debian 7 libservlet2.5-java 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat6-common 6.0.45+dfsg-1~deb7u5
Debian 7 libservlet2.4-java 6.0.45+dfsg-1~deb7u5
Debian 8 tomcat8-admin 8.0.14-1+deb8u4
Debian 7 tomcat6-docs 6.0.45+dfsg-1~deb7u3
Debian 7 tomcat6-extras 6.0.45+dfsg-1~deb7u3
Debian 7 tomcat7-docs 7.0.28-4+deb7u7
Debian 7 tomcat7-examples 7.0.28-4+deb7u7
Debian 7 libtomcat7-java 7.0.28-4+deb7u7
Debian 7 tomcat6-admin 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat6-user 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat6-docs 6.0.45+dfsg-1~deb7u5
Debian 7 tomcat7 7.0.28-4+deb7u7
Debian 7 tomcat6-examples 6.0.45+dfsg-1~deb7u5
Debian 8 tomcat7-docs 7.0.56-3+deb8u5
Debian 7 tomcat6-user 6.0.45+dfsg-1~deb7u3
Debian 8 tomcat8-examples 8.0.14-1+deb8u4
Debian 8 tomcat7-admin 7.0.56-3+deb8u5
Debian 8 tomcat7-common 7.0.56-3+deb8u5
Debian 7 tomcat7-user 7.0.28-4+deb7u7
Debian 7 tomcat7-admin 7.0.28-4+deb7u7
Debian 8 libtomcat8-java 8.0.14-1+deb8u4