[El-errata] ELSA-2015-1695 Important: Oracle Linux 6 jakarta-taglibs-standard security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Aug 31 08:48:26 PDT 2015
Oracle Linux Security Advisory ELSA-2015-1695
http://linux.oracle.com/errata/ELSA-2015-1695.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
jakarta-taglibs-standard-1.1.1-11.7.el6_7.noarch.rpm
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7.noarch.rpm
x86_64:
jakarta-taglibs-standard-1.1.1-11.7.el6_7.noarch.rpm
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/jakarta-taglibs-standard-1.1.1-11.7.el6_7.src.rpm
Description of changes:
[0:1.1.1-11.7]
- Gracefully handle parsers without FSP support (e.g. Java 5 GCJ)
- Resolves: CVE-2015-0254
[0:1.1.1-11.6]
- Prevent XXE and RCE in JSTL XML tags
- Apply correction for previous CVE-2015-0254 patch (prevent XXE in
<x:transform>)
- Resolves: CVE-2015-0254
[0:1.1.1-11.5]
- Prevent XXE and RCE in JSTL XML tags
- Resolves: CVE-2015-0254
More information about the El-errata
mailing list