RHSA-2013:1011

Description

Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 update

Affected Systems

• redhat•apache-commons-daemon-eap6

  < 1:1.0.15-4.redhat_1.ep6.el5

• redhat•apache-commons-daemon-jsvc-eap6

  < 1:1.0.15-1.redhat_1.ep6.el5

• redhat•apache-commons-pool-eap6

  < 0:1.6-6.redhat_4.ep6.el5

• redhat•apache-commons-pool-tomcat-eap6

  < 0:1.6-6.redhat_4.ep6.el5

• redhat•dom4j

  < 0:1.6.1-19.redhat_5.ep6.el5

• redhat•ecj3

  < 1:3.7.2-6.redhat_1.ep6.el5

• redhat•httpd

  < 0:2.2.22-23.ep6.el5

• redhat•httpd-devel

  < 0:2.2.22-23.ep6.el5

• redhat•httpd-manual

  < 0:2.2.22-23.ep6.el5

• redhat•httpd-tools

  < 0:2.2.22-23.ep6.el5

• redhat•mod_cluster

  < 0:1.2.4-1.Final_redhat_1.ep6.el5

• redhat•mod_cluster-demo

  < 0:1.2.4-1.Final_redhat_1.ep6.el5

• redhat•mod_cluster-native

  < 0:1.2.4-1.Final.redhat_1.ep6.el5

• redhat•mod_cluster-tomcat6

  < 0:1.2.4-1.Final_redhat_1.ep6.el5

• redhat•mod_cluster-tomcat7

  < 0:1.2.4-1.Final_redhat_1.ep6.el5

• redhat•mod_jk

  < 0:1.2.37-2.redhat_1.ep6.el5

• redhat•mod_jk-ap22

  < 0:1.2.37-2.redhat_1.ep6.el5

• redhat•mod_jk-manual

  < 0:1.2.37-2.redhat_1.ep6.el5

• redhat•mod_ssl

  < 1:2.2.22-23.ep6.el5

• redhat•tomcat-native

  < 0:1.1.27-4.redhat_1.ep6.el5

• redhat•tomcat6

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-admin-webapps

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-docs-webapp

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-el-1.0-api

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-javadoc

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-jsp-2.1-api

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-lib

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-log4j

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-servlet-2.5-api

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat6-webapps

  < 0:6.0.37-8_patch_01.ep6.el5

• redhat•tomcat7

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-admin-webapps

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-docs-webapp

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-el-1.0-api

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-javadoc

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-jsp-2.2-api

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-lib

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-log4j

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-servlet-3.0-api

  < 0:7.0.40-9_patch_01.ep6.el5

• redhat•tomcat7-webapps

  < 0:7.0.40-9_patch_01.ep6.el5

References (25)

• https://access.redhat.com/errata/RHSA-2013:1011
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/site/documentation/
• https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Web_Server/2/html-single/Installation_Guide/index.html
• https://bugzilla.redhat.com/show_bug.cgi?id=915883
• https://bugzilla.redhat.com/show_bug.cgi?id=915884
• https://bugzilla.redhat.com/show_bug.cgi?id=961779
• https://bugzilla.redhat.com/show_bug.cgi?id=961783
• https://bugzilla.redhat.com/show_bug.cgi?id=961803
• https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1011.json
• https://access.redhat.com/security/cve/CVE-2012-3499
• https://www.cve.org/CVERecord?id=CVE-2012-3499
• https://nvd.nist.gov/vuln/detail/CVE-2012-3499
• https://access.redhat.com/security/cve/CVE-2012-3544
• https://www.cve.org/CVERecord?id=CVE-2012-3544
• https://nvd.nist.gov/vuln/detail/CVE-2012-3544
• https://access.redhat.com/security/cve/CVE-2012-4558
• https://www.cve.org/CVERecord?id=CVE-2012-4558
• https://nvd.nist.gov/vuln/detail/CVE-2012-4558
• https://access.redhat.com/security/cve/CVE-2013-2067
• https://www.cve.org/CVERecord?id=CVE-2013-2067
• https://nvd.nist.gov/vuln/detail/CVE-2013-2067
• https://access.redhat.com/security/cve/CVE-2013-2071
• https://www.cve.org/CVERecord?id=CVE-2013-2071
• https://nvd.nist.gov/vuln/detail/CVE-2013-2071