[El-errata] ELSA-2013-0623 Important: Oracle Linux 6 tomcat6 security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Mar 11 16:14:05 PDT 2013


Oracle Linux Security Advisory ELSA-2013-0623

https://rhn.redhat.com/errata/RHSA-2013-0623.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
tomcat6-6.0.24-52.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-52.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-52.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-52.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-lib-6.0.24-52.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-52.el6_4.noarch.rpm

x86_64:
tomcat6-6.0.24-52.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-52.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-52.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-52.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-lib-6.0.24-52.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-52.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-52.el6_4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/tomcat6-6.0.24-52.el6_4.src.rpm



Description of changes:

[0:6.0.24-52]
- Related: rhbz 882010 rhbz 883692 rhbz 883705
- Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate
- to avoid building on ppc64, ppc, and x390x.

[0:6.0.24-50]
- Resolves: rhbz 882010 CVE-2012-3439 CVE-2012-5885 CVE-2012-5886 
CVE-2012-5887
- three DIGEST authentication issues
- Resolves: rhbz 883692 CVE-2012-4534 Denial of service when using
- SSL NIO sendfile
- Resolves: rhbz 883705 CVE-2012-3546 Bypass of Realm security constraints





More information about the El-errata mailing list