FEDORA-EPEL-2016-a886ace670 created by csutherl 4 years ago for Fedora EPEL 6
stable

This update includes a rebase from tomcat 7.0.70 up to 7.0.72, which resolves multiple CVEs:

  • #1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
  • #1390533 CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 tomcat: various flaws

and includes one additional CVE fix along with two bug fixes:

  • #1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script
  • #1379170 jsvc script is broken
  • #1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones)

This update has been submitted for testing by csutherl.

4 years ago

This update has been pushed to testing.

4 years ago

csutherl edited this update.

3 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by csutherl.

3 years ago

This update has been pushed to stable.

3 years ago

Metadata
  • Type: security
  • Severity: high
  • Karma: 0
  • Signed
  • Content Type: RPM
  • Test Gating

Settings
  • Unstable by Karma: -3
  • Stable by Karma: 3
  • Stable by Time: disabled

Dates
  • submitted: 4 years ago
  • in testing: 4 years ago
  • in stable: 3 years ago
  • modified: 3 years ago

  • BZ#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones)
  • BZ#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header [epel-all]
  • BZ#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script [epel-6]
  • BZ#1379170 jsvc script is broken
  • BZ#1390533 CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 tomcat: various flaws [epel-6]