Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Errata Announcements for Oracle Linux <el-errata <at> oss.oracle.com>
Subject: ELSA-2013-0623 Important: Oracle Linux 6 tomcat6 security update
Newsgroups: gmane.linux.oracle.el-errata
Date: Monday 11th March 2013 23:14:05 UTC (over 3 years ago)
Oracle Linux Security Advisory ELSA-2013-0623

https://rhn.redhat.com/errata/RHSA-2013-0623.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
tomcat6-6.0.24-52.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-52.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-52.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-52.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-lib-6.0.24-52.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-52.el6_4.noarch.rpm

x86_64:
tomcat6-6.0.24-52.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-52.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-52.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-52.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-lib-6.0.24-52.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-52.el6_4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/tomcat6-6.0.24-52.el6_4.src.rpm



Description of changes:

[0:6.0.24-52]
- Related: rhbz 882010 rhbz 883692 rhbz 883705
- Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate
- to avoid building on ppc64, ppc, and x390x.

[0:6.0.24-50]
- Resolves: rhbz 882010 CVE-2012-3439 CVE-2012-5885 CVE-2012-5886 
CVE-2012-5887
- three DIGEST authentication issues
- Resolves: rhbz 883692 CVE-2012-4534 Denial of service when using
- SSL NIO sendfile
- Resolves: rhbz 883705 CVE-2012-3546 Bypass of Realm security constraints
 
CD: 3ms