ELSA-2014-1034

ELSA-2014-1034 - tomcat security update

Type:	SECURITY
Severity:	LOW
Release Date:	2014-08-07

Description

[0:7.0.42-8]
- Resolves: CVE-2013-4590
- Resolves: CVE-2014-0119

[0:7.0.42-7]
- Related: CVE-2014-0099 incrementing release so rpmdiff doesn't complain about
- no new entries in the changelog

[0:7.0.42-6]
- Resolves: CVE-2014-0099 Fix possible overflow when parsing
- long values from byte array
- Resolves: CVE-2014-0096 Information discloser process XSLT
- files not subject to same constraint running under
- java security manager
- Resolves: CVE-2014-0075 Avoid overflow in ChunkedInputFilter.

Related CVEs

CVE-2014-0119

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 7 (x86_64)	tomcat-7.0.42-8.el7_0.src.rpm	a715f9ee0c74c06dcbb271c7e1b00ca8	ELSA-2020-5020
	tomcat-7.0.42-8.el7_0.noarch.rpm	86b6565bb43d4c1d5a36488b81e5d4f8	ELSA-2020-5020
	tomcat-admin-webapps-7.0.42-8.el7_0.noarch.rpm	b1969b1b54241acd757fffa268a4bfb8	ELSA-2020-5020
	tomcat-docs-webapp-7.0.42-8.el7_0.noarch.rpm	4c3fbd77c559ba3a8d6d7c97c11b9f87	ELSA-2020-5020
	tomcat-el-2.2-api-7.0.42-8.el7_0.noarch.rpm	f88ba46d87222d78a12ae00ca898fd09	ELSA-2020-5020
	tomcat-javadoc-7.0.42-8.el7_0.noarch.rpm	308abd6f3a42645d260f037005f86a18	ELSA-2020-5020
	tomcat-jsp-2.2-api-7.0.42-8.el7_0.noarch.rpm	694a4f575085eaa490c3d4a5f71625a9	ELSA-2020-5020
	tomcat-jsvc-7.0.42-8.el7_0.noarch.rpm	27833cb8219196eb0d79d4ed3935ab02	ELSA-2020-5020
	tomcat-lib-7.0.42-8.el7_0.noarch.rpm	9fe82d089888f8ddceef7e0755369ec9	ELSA-2020-5020
	tomcat-servlet-3.0-api-7.0.42-8.el7_0.noarch.rpm	ea806ed7b2c7a651263601d32d77916c	ELSA-2020-5020
	tomcat-webapps-7.0.42-8.el7_0.noarch.rpm	86c12129f024b123878c435a93f8ceab	ELSA-2020-5020

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team