User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2010-16270 (tomcat6)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 13 Update: tomcat6-6.0.26-11.fc13
Date:  Mon, 01 Nov 2010 20:57:28 +0000
Message-ID:  <20101101205728.8D209110894@bastion02.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-16270 2010-10-14 06:02:09 -------------------------------------------------------------------------------- Name : tomcat6 Product : Fedora 13 Version : 6.0.26 Release : 11.fc13 URL : http://tomcat.apache.org/ Summary : Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API Description : Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. -------------------------------------------------------------------------------- Update Information: * Includes security fix for cve-2010-2227. * commons-dbcp-tomcat5, commons-collections-tomcat5, and commons-pool-tomcat5 have been dropped in favor of jakarta-commons-collections, jakarta-commons-pool, and jakarta-commons-dbcp * Directory permissions fixed * tomcat user shell fixed -------------------------------------------------------------------------------- ChangeLog: * Tue Oct 12 2010 David Knox <dknox@redhat.com> 0:6.0.26-11 - resolving rhbzs for directory permissions. Change BR and R - for commons packages: no more commons-x-tomcat5. Fix tomcat - user shell. * Mon Oct 4 2010 David Knox <dknox@redhat.com> 0:6.0.26-10 - ant-nodeps is breaking the build. Put ant-nodeps on the - OPT_JAR_LIST * Fri Oct 1 2010 David Knox <dknox@rehat.com> 0:6.0.26-9 - Resolves rhbz#575341 - Additionally created instances of Tomcat - are broken * Fri Jul 2 2010 David Knox <dknox@rehat.com> 0:6.0.26-8 - LSB initscript compliance * Thu Jul 1 2010 David Knox <dknox@redhat.com> 0:6.0.26-7 - Made elspec the standard for elspec %post and %postun. * Tue Jun 29 2010 David Knox <dknox@redhat.com> 0:6.0.26-6 - Completed package and file sections. Added el-spec. Fixed - directory permission problems. * Thu May 6 2010 David Knox <dknox@redhat.com> 0:6.0.26-5 - Working on 589145. Tomcat can't find java compiler for java. * Thu Apr 8 2010 David Knox <dknox@redhat.com> 0:6.0.26-4 - Moved build-jar-repository to later in the install process. * Tue Apr 6 2010 David Knox <dknox@redhat.com> 0:6.0.26-3 - Incremented the Release tag to 3 to avoid any confusion about which - is the most recent * Tue Apr 6 2010 David Knox <dknox@redhat.com> 0:6.0.26-1 - Solved packaging problems involving taglibs-standard - Solved packaging problems involving jakarta-commons - Corrected Requires(post) to Requires and checked companion BuildRequires * Mon Mar 29 2010 David Knox <dknox@redhat.com> 0:6.0.26-2 - Update source to tomcat6.0.26 - Bugzilla 572357 - Please retest. - OSGi manifests for servlet-api and jsp-api * Fri Mar 26 2010 Mary Ellen Foster <mefoster@gmail.com> 0:6.0.24-2 - Add maven POMs and metadata - Link tomcat6-juli into /usr/share/java/tomcat6 * Mon Mar 1 2010 Alexander Kurtakov <akurtako@redhat.com> 0:6.0.24-1 - Update to 6.0.24. -------------------------------------------------------------------------------- References: [ 1 ] Bug #612799 - CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header https://bugzilla.redhat.com/show_bug.cgi?id=612799 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update tomcat6' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds