Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Errata Announcements for Oracle Linux <el-errata <at> oss.oracle.com>
Subject: ELSA-2013-0640 Important: Oracle Linux 5 tomcat5 security update
Newsgroups: gmane.linux.oracle.el-errata
Date: Wednesday 13th March 2013 12:43:57 UTC (over 3 years ago)
Oracle Linux Security Advisory ELSA-2013-0640

https://rhn.redhat.com/errata/RHSA-2013-0640.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
tomcat5-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-common-lib-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-jasper-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-server-lib-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm
tomcat5-webapps-5.5.23-0jpp.38.el5_9.i386.rpm

x86_64:
tomcat5-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-common-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-jasper-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-server-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm
tomcat5-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm

ia64:
tomcat5-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-common-lib-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-jasper-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-server-lib-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm
tomcat5-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/tomcat5-5.5.23-0jpp.38.el5_9.src.rpm



Description of changes:

[0:5.5.23-0jpp.38]
- Resolves: CVE-2012-3439 rhbz#882008 three DIGEST authentication
- implementation
- Resolves: CVE-2012-3546, rhbz#913034 Bypass of security constraints.
- Remove unneeded handling of FORM authentication in RealmBase
 
CD: 3ms