ELSA-2015-1695

ELSA-2015-1695 - jakarta-taglibs-standard security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2015-08-31

Description

[0:1.1.1-11.7]
- Gracefully handle parsers without FSP support (e.g. Java 5 GCJ)
- Resolves: CVE-2015-0254

[0:1.1.1-11.6]
- Prevent XXE and RCE in JSTL XML tags
- Apply correction for previous CVE-2015-0254 patch (prevent XXE in )
- Resolves: CVE-2015-0254

[0:1.1.1-11.5]
- Prevent XXE and RCE in JSTL XML tags
- Resolves: CVE-2015-0254

Related CVEs

CVE-2015-0254

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 6 (i386)	jakarta-taglibs-standard-1.1.1-11.7.el6_7.src.rpm	a541f12291243e05ea8e764e9dcb26a5	ELBA-2018-1885
	jakarta-taglibs-standard-1.1.1-11.7.el6_7.noarch.rpm	e5fa82ee1d64b6df1f730b8d0f9dad64	ELBA-2018-1885
	jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7.noarch.rpm	11e22ddc9c3c34fdc02dbaab9c79cc84	ELBA-2018-1885
Oracle Linux 6 (x86_64)	jakarta-taglibs-standard-1.1.1-11.7.el6_7.src.rpm	a541f12291243e05ea8e764e9dcb26a5	ELBA-2018-1885
	jakarta-taglibs-standard-1.1.1-11.7.el6_7.noarch.rpm	e5fa82ee1d64b6df1f730b8d0f9dad64	ELBA-2018-1885
	jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7.noarch.rpm	11e22ddc9c3c34fdc02dbaab9c79cc84	ELBA-2018-1885
Oracle Linux 7 (aarch64)	jakarta-taglibs-standard-1.1.2-14.el7_1.src.rpm	85db61d019dfd3edd43d07d87783d492	-
	jakarta-taglibs-standard-1.1.2-14.el7_1.noarch.rpm	de743b533bca10d4ff7d12823a90fe02	-
	jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1.noarch.rpm	2e7d202a9a66fd0f333a849cea664f8f	-
Oracle Linux 7 (x86_64)	jakarta-taglibs-standard-1.1.2-14.el7_1.src.rpm	85db61d019dfd3edd43d07d87783d492	-
	jakarta-taglibs-standard-1.1.2-14.el7_1.noarch.rpm	de743b533bca10d4ff7d12823a90fe02	-
	jakarta-taglibs-standard-javadoc-1.1.2-14.el7_1.noarch.rpm	2e7d202a9a66fd0f333a849cea664f8f	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team