Security Team & Tomcat Maintainers,
I began working on a jessie LTS update for tomcat8 and sought some
guidance from Markus Koschany, as he prepared a tomact7 update recently.
He pointed out that the tomcat8 package in jessie is based on the 8.0.x
upstream relases, which will reach EOL on 30th Jun
Hello.
CVE-2016-8614 is marked as "no-dsa (can be fixed via point release)" for
Jessie. But I think its *not affecting* Jessie as the vulnerable code
present in separate module which only merged to ansible from version
2.3. I am going to mark it as *not-affected*. Let me know if my research
is wro
