tomcat6 6.0.18-0ubuntu6.2 source package in Ubuntu

Changelog

tomcat6 (6.0.18-0ubuntu6.2) jaunty-security; urgency=low

  * SECURITY UPDATE: arbitrary file creation or overwrite from directory
    traversal via a .. entry in a WAR file.
    - CVE-2009-2693
  * SECURITY UPDATE: authentication bypass via autodeployment process
    - CVE-2009-2901
  * SECURITY UPDATE: work-directory file deletion via directory traversal
    sequences in a WAR filename.
    - CVE-2009-2902
    - debian/patches/security_CVE-2009-2693_2901_2902.patch: validate file
      names and paths in java/org/apache/catalina/loader/
      {LocalStrings.properties,WebappClassLoader.java},
      java/org/apache/catalina/startup/{ContextConfig.java,ExpandWar.java,
      HostConfig.java,LocalStrings.properties}
 -- Marc Deslauriers <email address hidden>   Thu, 11 Feb 2010 08:41:39 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2010-02-11
Uploaded to:
Jaunty
Original maintainer:
Ubuntu Development Team
Architectures:
all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Jaunty: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
tomcat6_6.0.18.orig.tar.gz 3.3 MiB f5ad5dd12e221d75e25234ca734fb434cf45f3fcea93623232a73dc9bfd03dc4
tomcat6_6.0.18-0ubuntu6.2.diff.gz 28.5 KiB cddf0bf3e460128e0fba5617b7b452a4967212ec3271a0596c60c58291ae24c5
tomcat6_6.0.18-0ubuntu6.2.dsc 1.4 KiB c27fd8e67817df4b2c3edcb4bef8a4d228374b90f1879b75dfba7d08e9493376

View changes file

Binary packages built by this source

libservlet2.5-java: No summary available for libservlet2.5-java in ubuntu jaunty.

No description available for libservlet2.5-java in ubuntu jaunty.

libservlet2.5-java-doc: No summary available for libservlet2.5-java-doc in ubuntu jaunty.

No description available for libservlet2.5-java-doc in ubuntu jaunty.

libtomcat6-java: No summary available for libtomcat6-java in ubuntu jaunty.

No description available for libtomcat6-java in ubuntu jaunty.

tomcat6: No summary available for tomcat6 in ubuntu jaunty.

No description available for tomcat6 in ubuntu jaunty.

tomcat6-admin: No summary available for tomcat6-admin in ubuntu jaunty.

No description available for tomcat6-admin in ubuntu jaunty.

tomcat6-common: No summary available for tomcat6-common in ubuntu jaunty.

No description available for tomcat6-common in ubuntu jaunty.

tomcat6-docs: No summary available for tomcat6-docs in ubuntu jaunty.

No description available for tomcat6-docs in ubuntu jaunty.

tomcat6-examples: No summary available for tomcat6-examples in ubuntu jaunty.

No description available for tomcat6-examples in ubuntu jaunty.

tomcat6-user: No summary available for tomcat6-user in ubuntu jaunty.

No description available for tomcat6-user in ubuntu jaunty.