[El-errata] ELSA-2014-1034 Low: Oracle Linux 7 tomcat security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 7 13:37:19 PDT 2014
Oracle Linux Security Advisory ELSA-2014-1034
https://access.redhat.com/errata/RHSA-2014:1034.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
tomcat-7.0.42-8.el7_0.noarch.rpm
tomcat-admin-webapps-7.0.42-8.el7_0.noarch.rpm
tomcat-docs-webapp-7.0.42-8.el7_0.noarch.rpm
tomcat-el-2.2-api-7.0.42-8.el7_0.noarch.rpm
tomcat-javadoc-7.0.42-8.el7_0.noarch.rpm
tomcat-jsp-2.2-api-7.0.42-8.el7_0.noarch.rpm
tomcat-jsvc-7.0.42-8.el7_0.noarch.rpm
tomcat-lib-7.0.42-8.el7_0.noarch.rpm
tomcat-servlet-3.0-api-7.0.42-8.el7_0.noarch.rpm
tomcat-webapps-7.0.42-8.el7_0.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.42-8.el7_0.src.rpm
Description of changes:
[0:7.0.42-8]
- Resolves: CVE-2013-4590
- Resolves: CVE-2014-0119
[0:7.0.42-7]
- Related: CVE-2014-0099 incrementing release so rpmdiff doesn't
complain about
- no new entries in the changelog
[0:7.0.42-6]
- Resolves: CVE-2014-0099 Fix possible overflow when parsing
- long values from byte array
- Resolves: CVE-2014-0096 Information discloser process XSLT
- files not subject to same constraint running under
- java security manager
- Resolves: CVE-2014-0075 Avoid overflow in ChunkedInputFilter.
More information about the El-errata
mailing list