ELSA-2011-1780

Опубликовано: 05 дек. 2011

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2011-1780: tomcat6 security and bug fix update (MODERATE)

[0:6.0.24-35]

Resolves: cve-2011-3190
Resolves: cve-2011-2204
Resolves: cve-2011-2526
Resolves: cve-2011-1184
Resolves: rhbz 748807 - tomcat6 broken when LANG=fr

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

tomcat6

6.0.24-35.el6_1

tomcat6-admin-webapps

6.0.24-35.el6_1

tomcat6-docs-webapp

6.0.24-35.el6_1

tomcat6-el-2.1-api

6.0.24-35.el6_1

tomcat6-javadoc

6.0.24-35.el6_1

tomcat6-jsp-2.1-api

6.0.24-35.el6_1

tomcat6-lib

6.0.24-35.el6_1

tomcat6-servlet-2.5-api

6.0.24-35.el6_1

tomcat6-webapps

6.0.24-35.el6_1

Oracle Linux i686

tomcat6

6.0.24-35.el6_1

tomcat6-admin-webapps

6.0.24-35.el6_1

tomcat6-docs-webapp

6.0.24-35.el6_1

tomcat6-el-2.1-api

6.0.24-35.el6_1

tomcat6-javadoc

6.0.24-35.el6_1

tomcat6-jsp-2.1-api

6.0.24-35.el6_1

tomcat6-lib

6.0.24-35.el6_1

tomcat6-servlet-2.5-api

6.0.24-35.el6_1

tomcat6-webapps

6.0.24-35.el6_1

Связанные CVE

Ссылки на источники

Связанные уязвимости

CVE-2011-2526

ubuntu

почти 14 лет назад

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application.

CVE-2011-2526

redhat

почти 14 лет назад

CVE-2011-2526

nvd

почти 14 лет назад

CVE-2011-2526

debian

почти 14 лет назад

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7 ...

ELSA-2011-1845

oracle-oval

больше 13 лет назад

ELSA-2011-1845: tomcat5 security update (MODERATE)