Описание
ELSA-2010-0580: tomcat5 security update (IMPORTANT)
[0:5.5.23-0jpp.9]
- Resolves: rhbz#619424 fixed servlet-api typo. serve4-api to servlet-api
- RHSA-2010:9748
[0:5.5.23-0jpp.8]
- Patches backported from RHEL-5 tomcat5-5.5.23-0jpp.10.el5
- Updated init script for LSB compliance, catalina.log permissions
- Resolves: CVE-2009-2693, CVE-2009-2902, CVE-2010-2227
- CVE_2010-0781
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
tomcat5
5.5.23-0jpp.9.el5_5
tomcat5-admin-webapps
5.5.23-0jpp.9.el5_5
tomcat5-common-lib
5.5.23-0jpp.9.el5_5
tomcat5-jasper
5.5.23-0jpp.9.el5_5
tomcat5-jasper-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-server-lib
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-webapps
5.5.23-0jpp.9.el5_5
Oracle Linux x86_64
tomcat5
5.5.23-0jpp.9.el5_5
tomcat5-admin-webapps
5.5.23-0jpp.9.el5_5
tomcat5-common-lib
5.5.23-0jpp.9.el5_5
tomcat5-jasper
5.5.23-0jpp.9.el5_5
tomcat5-jasper-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-server-lib
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-webapps
5.5.23-0jpp.9.el5_5
Oracle Linux i386
tomcat5
5.5.23-0jpp.9.el5_5
tomcat5-admin-webapps
5.5.23-0jpp.9.el5_5
tomcat5-common-lib
5.5.23-0jpp.9.el5_5
tomcat5-jasper
5.5.23-0jpp.9.el5_5
tomcat5-jasper-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api
5.5.23-0jpp.9.el5_5
tomcat5-jsp-2.0-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-server-lib
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api
5.5.23-0jpp.9.el5_5
tomcat5-servlet-2.4-api-javadoc
5.5.23-0jpp.9.el5_5
tomcat5-webapps
5.5.23-0jpp.9.el5_5
Связанные CVE
Связанные уязвимости
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.2 ...
