tomcat6 6.0.18-0ubuntu6.2 source package in Ubuntu
Changelog
tomcat6 (6.0.18-0ubuntu6.2) jaunty-security; urgency=low
* SECURITY UPDATE: arbitrary file creation or overwrite from directory
traversal via a .. entry in a WAR file.
- CVE-2009-2693
* SECURITY UPDATE: authentication bypass via autodeployment process
- CVE-2009-2901
* SECURITY UPDATE: work-directory file deletion via directory traversal
sequences in a WAR filename.
- CVE-2009-2902
- debian/patches/security_CVE-2009-2693_2901_2902.patch: validate file
names and paths in java/org/apache/catalina/loader/
{LocalStrings.properties,WebappClassLoader.java},
java/org/apache/catalina/startup/{ContextConfig.java,ExpandWar.java,
HostConfig.java,LocalStrings.properties}
-- Marc Deslauriers <email address hidden> Thu, 11 Feb 2010 08:41:39 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jaunty
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- all
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| tomcat6_6.0.18.orig.tar.gz | 3.3 MiB | f5ad5dd12e221d75e25234ca734fb434cf45f3fcea93623232a73dc9bfd03dc4 |
| tomcat6_6.0.18-0ubuntu6.2.diff.gz | 28.5 KiB | cddf0bf3e460128e0fba5617b7b452a4967212ec3271a0596c60c58291ae24c5 |
| tomcat6_6.0.18-0ubuntu6.2.dsc | 1.4 KiB | c27fd8e67817df4b2c3edcb4bef8a4d228374b90f1879b75dfba7d08e9493376 |
Available diffs
Binary packages built by this source
- libservlet2.5-java: No summary available for libservlet2.5-java in ubuntu jaunty.
No description available for libservlet2.5-java in ubuntu jaunty.
- libservlet2.5-java-doc: No summary available for libservlet2.5-java-doc in ubuntu jaunty.
No description available for libservlet2.
5-java- doc in ubuntu jaunty.
- libtomcat6-java: No summary available for libtomcat6-java in ubuntu jaunty.
No description available for libtomcat6-java in ubuntu jaunty.
- tomcat6: No summary available for tomcat6 in ubuntu jaunty.
No description available for tomcat6 in ubuntu jaunty.
- tomcat6-admin: No summary available for tomcat6-admin in ubuntu jaunty.
No description available for tomcat6-admin in ubuntu jaunty.
- tomcat6-common: No summary available for tomcat6-common in ubuntu jaunty.
No description available for tomcat6-common in ubuntu jaunty.
- tomcat6-docs: No summary available for tomcat6-docs in ubuntu jaunty.
No description available for tomcat6-docs in ubuntu jaunty.
- tomcat6-examples: No summary available for tomcat6-examples in ubuntu jaunty.
No description available for tomcat6-examples in ubuntu jaunty.
- tomcat6-user: No summary available for tomcat6-user in ubuntu jaunty.
No description available for tomcat6-user in ubuntu jaunty.
