[El-errata] ELSA-2017-0527 Moderate: Oracle Linux 6 tomcat6 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Mar 15 14:07:06 PDT 2017
Oracle Linux Security Advisory ELSA-2017-0527
http://linux.oracle.com/errata/ELSA-2017-0527.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
tomcat6-6.0.24-105.el6_8.noarch.rpm
tomcat6-admin-webapps-6.0.24-105.el6_8.noarch.rpm
tomcat6-docs-webapp-6.0.24-105.el6_8.noarch.rpm
tomcat6-el-2.1-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-javadoc-6.0.24-105.el6_8.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-lib-6.0.24-105.el6_8.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-webapps-6.0.24-105.el6_8.noarch.rpm
x86_64:
tomcat6-6.0.24-105.el6_8.noarch.rpm
tomcat6-admin-webapps-6.0.24-105.el6_8.noarch.rpm
tomcat6-docs-webapp-6.0.24-105.el6_8.noarch.rpm
tomcat6-el-2.1-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-javadoc-6.0.24-105.el6_8.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-lib-6.0.24-105.el6_8.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-105.el6_8.noarch.rpm
tomcat6-webapps-6.0.24-105.el6_8.noarch.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/tomcat6-6.0.24-105.el6_8.src.rpm
Description of changes:
[0:6.0.24-105]
- Related: rhbz#1402664 CVE-2016-6816 Adding system property from
asfbz-60594 to allow use of some un-encoded characters
- Related: rhbz#1402664 CVE-2016-6816 Resolving a security regression
(2017-6056) caused by CVE-2016-6816
[0:6.0.24-104]
- Related: rhbz#1402664 build. reverting ExcludeArch to fix composes
[0:6.0.24-102]
- Resolves: rhbz#1413589 CVE-2016-8745 tomcat6: tomcat: information
disclosure due to incorrect Processor sharing
- Resolves: rhbz#1402664 CVE-2016-6816 tomcat6: tomcat: HTTP Request
smuggling vulnerability due to permitting invalid character in HTTP requests
More information about the El-errata
mailing list