Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-0791

Опубликовано: 28 мая 2011
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2011-0791: tomcat6 security and bug fix update (MODERATE)

[6.0.24-33]

  • resolves: rhbz 695284 - multiple instances logging fiasco

[6.0.24-32]

  • Resolves: rhbz 698624 - inet4address can't be cast to String

[6.0.24-31]

  • Resolves: rhbz 656403 - cve-2010-4172 jsp syntax error

[6.0.24-30]

  • Resolves: rhbz#697504 initscript logging location

[6.0.24-29]

  • Resolves: rhbz#656403, rhbz#675926, rhbz#676011
  • CVE-2010-4172, CVE-2010-3718, CVE-2011-0013, CVE-2010-4476,
  • CVE-2011-0534

[6.0.24-28]

  • Resovles rhbz#695284 - wrapper logs to different locations
  • CVE-2010-4172, CVE-2011-0013, CVE-2010-3718 commented out
  • until needed.

[6.0.24-27]

  • naming-factory-dbcp missing fix in tomcat6.conf
  • Add Obsoletes for log4j

[6.0.24-26]

  • Add log4j to package lib. Corrected typo in log4 Provides
  • epock versus epoch

[6.0.24-25]

  • Installed permissions do not allow tomcat to start
  • incrementing NVR so yum won't get confused with the zstream

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

tomcat6

6.0.24-33.el6

tomcat6-admin-webapps

6.0.24-33.el6

tomcat6-docs-webapp

6.0.24-33.el6

tomcat6-el-2.1-api

6.0.24-33.el6

tomcat6-javadoc

6.0.24-33.el6

tomcat6-jsp-2.1-api

6.0.24-33.el6

tomcat6-lib

6.0.24-33.el6

tomcat6-servlet-2.5-api

6.0.24-33.el6

tomcat6-webapps

6.0.24-33.el6

Oracle Linux i686

tomcat6

6.0.24-33.el6

tomcat6-admin-webapps

6.0.24-33.el6

tomcat6-docs-webapp

6.0.24-33.el6

tomcat6-el-2.1-api

6.0.24-33.el6

tomcat6-javadoc

6.0.24-33.el6

tomcat6-jsp-2.1-api

6.0.24-33.el6

tomcat6-lib

6.0.24-33.el6

tomcat6-servlet-2.5-api

6.0.24-33.el6

tomcat6-webapps

6.0.24-33.el6

Связанные CVE

CVE-2011-0013
CVE-2010-4172
CVE-2010-3718

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2011-1845

oracle-oval
больше 13 лет назад

ELSA-2011-1845: tomcat5 security update (MODERATE)

ubuntu логотип

CVE-2011-0013

ubuntu
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

redhat логотип

CVE-2011-0013

redhat
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

nvd логотип

CVE-2011-0013

nvd
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

debian логотип

CVE-2011-0013

debian
больше 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manage ...