Summary: | <www-servers/tomcat-{7.0.109,8.5.68,9.0.48,10.0.7}: multiple vulnerabilities (CVE-2021-{30639,30640,33037}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | fordfrog, java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa+] | ||
Package list: |
www-servers/tomcat-8.5.69 amd64
dev-java/tomcat-servlet-api-8.5.69
|
Runtime testing required: | --- |
Description
John Helmert III
2021-07-12 17:06:23 UTC
Sanity check failed:
> www-servers/tomcat-8.5.68
> depend amd64 dev profile default/linux/amd64/17.0/x32 (2 total)
> ~dev-java/tomcat-servlet-api-8.5.68:3.1
> depend amd64 stable profile default/linux/amd64/17.1 (15 total)
> ~dev-java/tomcat-servlet-api-8.5.68:3.1
> rdepend amd64 dev profile default/linux/amd64/17.0/x32 (2 total)
> ~dev-java/tomcat-servlet-api-8.5.68:3.1
> rdepend amd64 stable profile default/linux/amd64/17.1 (15 total)
> ~dev-java/tomcat-servlet-api-8.5.68:3.1
All sanity-check issues have been resolved x86 done arm64 done ppc64 done amd64 done all arches done Please cleanup, thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6326289a0137c5d8e7e145a0147ae389f91dba63 commit 6326289a0137c5d8e7e145a0147ae389f91dba63 Author: Miroslav Šulc <fordfrog@gentoo.org> AuthorDate: 2021-07-13 04:25:22 +0000 Commit: Miroslav Šulc <fordfrog@gentoo.org> CommitDate: 2021-07-13 04:26:29 +0000 www-servers/tomcat: removed vulnerable 8.5.66 Bug: https://bugs.gentoo.org/801916 Package-Manager: Portage-3.0.20, Repoman-3.0.3 Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org> www-servers/tomcat/Manifest | 1 - www-servers/tomcat/tomcat-8.5.66.ebuild | 159 -------------------------------- 2 files changed, 160 deletions(-) the tree is clean now, you can proceed Thank you! Unable to check for sanity:
> no match for package: www-servers/tomcat-8.5.68
Unable to check for sanity:
> no match for package: dev-java/tomcat-servlet-api-8.5.68
Unable to check for sanity:
> no match for package: www-servers/tomcat-8.5.69
GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=a4afff138b8507c9b0b4fdbebda4c8d1935d6238 commit a4afff138b8507c9b0b4fdbebda4c8d1935d6238 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-21 01:35:21 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-21 01:40:47 +0000 [ GLSA 202208-34 ] Apache Tomcat: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/773571 Bug: https://bugs.gentoo.org/801916 Bug: https://bugs.gentoo.org/818160 Bug: https://bugs.gentoo.org/855971 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-34.xml | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) GLSA released, all done! |