tomcat6 6.0.20-2ubuntu2.1 source package in Ubuntu

Changelog

tomcat6 (6.0.20-2ubuntu2.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary file creation or overwrite from directory
    traversal via a .. entry in a WAR file.
    - CVE-2009-2693
  * SECURITY UPDATE: authentication bypass via autodeployment process
    - CVE-2009-2901
  * SECURITY UPDATE: work-directory file deletion via directory traversal
    sequences in a WAR filename.
    - CVE-2009-2902
    - debian/patches/security_CVE-2009-2693_2901_2902.patch: validate file
      names and paths in java/org/apache/catalina/loader/
      {LocalStrings.properties,WebappClassLoader.java},
      java/org/apache/catalina/startup/{ContextConfig.java,ExpandWar.java,
      HostConfig.java,LocalStrings.properties}
 -- Marc Deslauriers <email address hidden>   Wed, 10 Feb 2010 15:46:14 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2010-02-11
Uploaded to:
Karmic
Original maintainer:
Ubuntu Development Team
Architectures:
all
Section:
java
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Karmic: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
tomcat6_6.0.20.orig.tar.gz 3.4 MiB e8f709f0aeda8e164362144aca253249f050bc330e622dbb4196434db9933298
tomcat6_6.0.20-2ubuntu2.1.diff.gz 23.6 KiB 764fc95abecdabeab9c394a27e516ab6326fbe10e6bf1e5b9f0bba21f0a50ba1
tomcat6_6.0.20-2ubuntu2.1.dsc 1.5 KiB e793d21c5f34c04f90b5527aacb9a4606ccd986fee3db6c8a3e6a15dd4522eeb

View changes file

Binary packages built by this source

libservlet2.5-java: No summary available for libservlet2.5-java in ubuntu karmic.

No description available for libservlet2.5-java in ubuntu karmic.

libservlet2.5-java-doc: No summary available for libservlet2.5-java-doc in ubuntu karmic.

No description available for libservlet2.5-java-doc in ubuntu karmic.

libtomcat6-java: No summary available for libtomcat6-java in ubuntu karmic.

No description available for libtomcat6-java in ubuntu karmic.

tomcat6: No summary available for tomcat6 in ubuntu karmic.

No description available for tomcat6 in ubuntu karmic.

tomcat6-admin: No summary available for tomcat6-admin in ubuntu karmic.

No description available for tomcat6-admin in ubuntu karmic.

tomcat6-common: No summary available for tomcat6-common in ubuntu karmic.

No description available for tomcat6-common in ubuntu karmic.

tomcat6-docs: No summary available for tomcat6-docs in ubuntu karmic.

No description available for tomcat6-docs in ubuntu karmic.

tomcat6-examples: No summary available for tomcat6-examples in ubuntu karmic.

No description available for tomcat6-examples in ubuntu karmic.

tomcat6-user: No summary available for tomcat6-user in ubuntu karmic.

No description available for tomcat6-user in ubuntu karmic.