RHSA-2010:0581

Description

Red Hat Security Advisory: tomcat5 and tomcat6 security update

Affected Systems

• redhat•tomcat5

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-admin-webapps

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-common-lib

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-jasper

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-jasper-eclipse

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-jasper-javadoc

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-jsp-2.0-api

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-jsp-2.0-api-javadoc

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-parent

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-server-lib

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-servlet-2.4-api

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-servlet-2.4-api-javadoc

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat5-webapps

  < 0:5.5.28-9.patch_01.jdk6.ep5.el4 | < 0:5.5.28-9.patch_01.1.jdk6.ep5.el5

• redhat•tomcat6

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-admin-webapps

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-docs-webapp

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-el-1.0-api

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-javadoc

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-jsp-2.1-api

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-lib

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-log4j

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-servlet-2.5-api

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

• redhat•tomcat6-webapps

  < 0:6.0.24-7.patch_01.jdk6.ep5.el4 | < 0:6.0.24-7.patch_01.jdk6.ep5.el5

References (9)

• https://access.redhat.com/errata/RHSA-2010:0581
• https://access.redhat.com/security/updates/classification/#important
• http://tomcat.apache.org/security-5.html
• http://tomcat.apache.org/security-6.html
• https://bugzilla.redhat.com/show_bug.cgi?id=612799
• https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0581.json
• https://access.redhat.com/security/cve/CVE-2010-2227
• https://www.cve.org/CVERecord?id=CVE-2010-2227
• https://nvd.nist.gov/vuln/detail/CVE-2010-2227