ELSA-2016-2045

ULN >
Oracle Linux Errata repository >
ELSA-2016-2045

ELSA-2016-2045 - tomcat6 security and bug fix update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2016-10-10

Description

[0:6.0.24-98]
- Resolves: rhbz#1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1368119

[0:6.0.24-97]
- Resolves: rhbz#1367051 CVE-2015-5174 URL Normalization issue
- Resolves: rhbz#1367054 CVE-2016-0706 Security Manager bypass via StatusManagerServlet
- Resolves: rhbz#1367058 CVE-2016-0714 Security Manager bypass via persistence mechanisms
- Resolves: rhbz#1367054 CVE-2015-5345 Directory disclosure

[0:6.0.24-96]
- Resolves: rhbz#1357123 rpm -V tomcat6 fails due on /var/log/tomcat6/catalina.out

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 6 (i386)	tomcat6-6.0.24-98.el6_8.src.rpm	70ac8d4351b0ae7b3e01a99d60850284	ELSA-2020-2529
	tomcat6-6.0.24-98.el6_8.noarch.rpm	372d3fb8c2e00d8321dd83db1dd29698	ELSA-2020-2529
	tomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm	4e1c0d5b43d89bb83a82970b34924f7a	ELSA-2020-2529
	tomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpm	5ece9692e18ba961f3f1832a95d00164	ELSA-2020-2529
	tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpm	fcc438b5c1626bebc298a3c2e9d7e0cd	ELSA-2020-2529
	tomcat6-javadoc-6.0.24-98.el6_8.noarch.rpm	416cdc16238400e6e86fcb1a690975d3	ELSA-2020-2529
	tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpm	bd6f3463c345d3b7d1f70a63b0d8a357	ELSA-2020-2529
	tomcat6-lib-6.0.24-98.el6_8.noarch.rpm	d59de100db398453cdc6ec7d25fd0a0a	ELSA-2020-2529
	tomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm	9ac355b0b04d6ba5b4d7f7f1daec4aa4	ELSA-2020-2529
	tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm	9e57f27aa55c88aa724bfe764c35a575	ELSA-2020-2529

Oracle Linux 6 (x86_64)	tomcat6-6.0.24-98.el6_8.src.rpm	70ac8d4351b0ae7b3e01a99d60850284	ELSA-2020-2529
	tomcat6-6.0.24-98.el6_8.noarch.rpm	372d3fb8c2e00d8321dd83db1dd29698	ELSA-2020-2529
	tomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm	4e1c0d5b43d89bb83a82970b34924f7a	ELSA-2020-2529
	tomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpm	5ece9692e18ba961f3f1832a95d00164	ELSA-2020-2529
	tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpm	fcc438b5c1626bebc298a3c2e9d7e0cd	ELSA-2020-2529
	tomcat6-javadoc-6.0.24-98.el6_8.noarch.rpm	416cdc16238400e6e86fcb1a690975d3	ELSA-2020-2529
	tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpm	bd6f3463c345d3b7d1f70a63b0d8a357	ELSA-2020-2529
	tomcat6-lib-6.0.24-98.el6_8.noarch.rpm	d59de100db398453cdc6ec7d25fd0a0a	ELSA-2020-2529
	tomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm	9ac355b0b04d6ba5b4d7f7f1daec4aa4	ELSA-2020-2529
	tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm	9e57f27aa55c88aa724bfe764c35a575	ELSA-2020-2529

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691