Mailinglist Archive: opensuse-updates (59 mails)

< Previous Next >
openSUSE-SU-2010:0616-1 (moderate): tomcat security update
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Wed, 15 Sep 2010 22:08:23 +0200 (CEST)
  • Message-id: <20100915200823.B4FBABE36@xxxxxxxxxxxxxx>
openSUSE Security Update: tomcat security update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0616-1
Rating: moderate
References: #622188
Cross-References: CVE-2010-1157 CVE-2010-2227
Affected Products:
openSUSE 11.3
openSUSE 11.2
openSUSE 11.1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update of tomcat fixes denial of service and
information disclosure vulnerabilities which could
potentially be exploited by remote attackers to crash
tomcat or to obtain sensitive information (CVE-2010-2227,
CVE-2010-1157).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch tomcat6-2739

- openSUSE 11.2:

zypper in -t patch tomcat6-2739

- openSUSE 11.1:

zypper in -t patch tomcat6-2739

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (noarch):

tomcat6-6.0.24-5.1.1
tomcat6-admin-webapps-6.0.24-5.1.1
tomcat6-docs-webapp-6.0.24-5.1.1
tomcat6-el-1_0-api-6.0.24-5.1.1
tomcat6-javadoc-6.0.24-5.1.1
tomcat6-jsp-2_1-api-6.0.24-5.1.1
tomcat6-lib-6.0.24-5.1.1
tomcat6-servlet-2_5-api-6.0.24-5.1.1
tomcat6-webapps-6.0.24-5.1.1

- openSUSE 11.2 (noarch):

tomcat6-6.0.20-24.7.1
tomcat6-admin-webapps-6.0.20-24.7.1
tomcat6-docs-webapp-6.0.20-24.7.1
tomcat6-javadoc-6.0.20-24.7.1
tomcat6-jsp-2_1-api-6.0.20-24.7.1
tomcat6-lib-6.0.20-24.7.1
tomcat6-servlet-2_5-api-6.0.20-24.7.1
tomcat6-webapps-6.0.20-24.7.1

- openSUSE 11.1 (noarch):

tomcat6-6.0.18-16.4.1
tomcat6-admin-webapps-6.0.18-16.4.1
tomcat6-docs-webapp-6.0.18-16.4.1
tomcat6-javadoc-6.0.18-16.4.1
tomcat6-jsp-2_1-api-6.0.18-16.4.1
tomcat6-lib-6.0.18-16.4.1
tomcat6-servlet-2_5-api-6.0.18-16.4.1
tomcat6-webapps-6.0.18-16.4.1


References:

http://support.novell.com/security/cve/CVE-2010-1157.html
http://support.novell.com/security/cve/CVE-2010-2227.html
https://bugzilla.novell.com/622188


< Previous Next >
This Thread
  • No further messages