ELSA-2013-0640

ULN >
Oracle Linux Errata repository >
ELSA-2013-0640

ELSA-2013-0640 - tomcat5 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2013-03-12

Description

[0:5.5.23-0jpp.38]
- Resolves: CVE-2012-3439 rhbz#882008 three DIGEST authentication
- implementation
- Resolves: CVE-2012-3546, rhbz#913034 Bypass of security constraints.
- Remove unneeded handling of FORM authentication in RealmBase

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 5 (i386)	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_i386_latest
	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-5.5.23-0jpp.38.el5_9.i386.rpm	6d4ec683142264922e59ece265bd3d9cf74f2288af13433af7dcd406fe183ed7	ELSA-2013-0870	ol5_i386_latest
	tomcat5-5.5.23-0jpp.38.el5_9.i386.rpm	6d4ec683142264922e59ece265bd3d9cf74f2288af13433af7dcd406fe183ed7	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.i386.rpm	a6c14cb0fc49870224a4f1401f311ab4d3d6baae5793b6eea22218b287a76e8d	ELSA-2013-0870	ol5_i386_latest
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.i386.rpm	a6c14cb0fc49870224a4f1401f311ab4d3d6baae5793b6eea22218b287a76e8d	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.i386.rpm	93863ce39c49b3d5b96a7c18b9eb4ab94a2637b1d90f9574d350124c3cff7800	ELSA-2013-0870	ol5_i386_latest
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.i386.rpm	93863ce39c49b3d5b96a7c18b9eb4ab94a2637b1d90f9574d350124c3cff7800	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.i386.rpm	635fb080893b981e3e1ec0e25f32c88648aa209007a6382a1603185dbfd76588	ELSA-2013-0870	ol5_i386_latest
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.i386.rpm	635fb080893b981e3e1ec0e25f32c88648aa209007a6382a1603185dbfd76588	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	03e7a67c92c2287b165dcbd55ad40d7efd67efcd0448b85d82799dbf58423b78	ELSA-2013-0870	ol5_i386_latest
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	03e7a67c92c2287b165dcbd55ad40d7efd67efcd0448b85d82799dbf58423b78	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.i386.rpm	567235eea561852780da6e8905d9f5f27ffc2bfc71c5e4f7cbf0625bfab06a45	ELSA-2013-0870	ol5_i386_latest
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.i386.rpm	567235eea561852780da6e8905d9f5f27ffc2bfc71c5e4f7cbf0625bfab06a45	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	cd316347b59a68211f65ccd3e2f1576bd872e75c0dab3500f32fcc31604b1f15	ELSA-2013-0870	ol5_i386_latest
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	cd316347b59a68211f65ccd3e2f1576bd872e75c0dab3500f32fcc31604b1f15	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.i386.rpm	09730b5d84258b1aa6779dfe34ec52c5b13f4a536a8e407298f899917e1693ca	ELSA-2013-0870	ol5_i386_latest
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.i386.rpm	09730b5d84258b1aa6779dfe34ec52c5b13f4a536a8e407298f899917e1693ca	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.i386.rpm	8a032a9e58ac5e93f672af33cdf12a0a9f5337d0c8c8828a42008af479c168af	ELSA-2013-0870	ol5_i386_latest
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.i386.rpm	8a032a9e58ac5e93f672af33cdf12a0a9f5337d0c8c8828a42008af479c168af	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	35c40144a5133876d9a89c936a0253cc4c5881672445adab24a3724f02c40bcc	ELSA-2013-0870	ol5_i386_latest
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.i386.rpm	35c40144a5133876d9a89c936a0253cc4c5881672445adab24a3724f02c40bcc	ELSA-2013-0870	ol5_u9_i386_patch
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.i386.rpm	3feb7fc4268adb6e2a22759c53cc2ddbab84ba2d5bf7e1bc2b4786ab868508ca	ELSA-2013-0870	ol5_i386_latest
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.i386.rpm	3feb7fc4268adb6e2a22759c53cc2ddbab84ba2d5bf7e1bc2b4786ab868508ca	ELSA-2013-0870	ol5_u9_i386_patch

Oracle Linux 5 (ia64)	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-5.5.23-0jpp.38.el5_9.ia64.rpm	328277898b9143b314982aa80785de46b5081fba477a0e6baf0a8d2e2b46b90b	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-5.5.23-0jpp.38.el5_9.ia64.rpm	328277898b9143b314982aa80785de46b5081fba477a0e6baf0a8d2e2b46b90b	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm	e84e02f2f512cbabe470ab7b966ad5fd994bc5dc5c488523499ace0074514d11	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm	e84e02f2f512cbabe470ab7b966ad5fd994bc5dc5c488523499ace0074514d11	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.ia64.rpm	c92f27430ec469b3292123c59cad67e6a65267545fa7af4b49e42ef44696dea1	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.ia64.rpm	c92f27430ec469b3292123c59cad67e6a65267545fa7af4b49e42ef44696dea1	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.ia64.rpm	daeab5dc3d8be08ca8ec06b5ddced5580e0cfa07f5fcc8ab6dd119c07a67d234	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.ia64.rpm	daeab5dc3d8be08ca8ec06b5ddced5580e0cfa07f5fcc8ab6dd119c07a67d234	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	8cfdc0c220ba2054fc8ea5546317dfcc5fe1c1b6c8a0daee4f1c27dffbff6c3a	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	8cfdc0c220ba2054fc8ea5546317dfcc5fe1c1b6c8a0daee4f1c27dffbff6c3a	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.ia64.rpm	d065a15bd25e646e1cb1b5e732ed7c9800090f6c0be25c6d76284292f822caeb	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.ia64.rpm	d065a15bd25e646e1cb1b5e732ed7c9800090f6c0be25c6d76284292f822caeb	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	01b51053e1369943113498017e69e8520335b4a83dc9229ba85fb5387c1506c2	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	01b51053e1369943113498017e69e8520335b4a83dc9229ba85fb5387c1506c2	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.ia64.rpm	ecac9a30270af2d7da8115810f227cc19a9187c6057a23c6f59396f734d49d17	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.ia64.rpm	ecac9a30270af2d7da8115810f227cc19a9187c6057a23c6f59396f734d49d17	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.ia64.rpm	44de4f34b1646f88d1e2c5ad0391d10cd480cc4d3b0218500225dc1612b06170	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.ia64.rpm	44de4f34b1646f88d1e2c5ad0391d10cd480cc4d3b0218500225dc1612b06170	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	fe106aea95f8672eb8f28a329173f438183679638cbcd88c85c55b6961544ffb	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.ia64.rpm	fe106aea95f8672eb8f28a329173f438183679638cbcd88c85c55b6961544ffb	ELSA-2013-0870	ol5_u9_ia64_patch
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm	d736295734aab100679c1999307b9dc22326c53f76ad28e7384c6330fea7d6c9	ELSA-2013-0870	ol5_ia64_latest
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.ia64.rpm	d736295734aab100679c1999307b9dc22326c53f76ad28e7384c6330fea7d6c9	ELSA-2013-0870	ol5_u9_ia64_patch

Oracle Linux 5 (x86_64)	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-5.5.23-0jpp.38.el5_9.src.rpm	c919146e564c4112a46c4d295f2ae1cc1954ebf2b2a41fd09bda4c6a00d08935	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-5.5.23-0jpp.38.el5_9.x86_64.rpm	fc1287cbadc697b5534945f5b0171334a35bdc40bffec128ce6fe5b37942a62f	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-5.5.23-0jpp.38.el5_9.x86_64.rpm	fc1287cbadc697b5534945f5b0171334a35bdc40bffec128ce6fe5b37942a62f	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm	d68e578a6fdad78f8b6ac477dc6ec274a44679595cb763e62f5a8d1fb717fbab	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-admin-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm	d68e578a6fdad78f8b6ac477dc6ec274a44679595cb763e62f5a8d1fb717fbab	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm	625c558c886ee958122baad83919f5dab412556c691c9445c371fbb479cb515f	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-common-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm	625c558c886ee958122baad83919f5dab412556c691c9445c371fbb479cb515f	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.x86_64.rpm	b32ac52e07fc90f8322f9743bf86b09651662360c390f3aa3d34a4f4aa60ec96	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-jasper-5.5.23-0jpp.38.el5_9.x86_64.rpm	b32ac52e07fc90f8322f9743bf86b09651662360c390f3aa3d34a4f4aa60ec96	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	7b7d0255ce8103c7781e57821730c678a1bdaf5bf4801e52cd97f7e39a19a044	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-jasper-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	7b7d0255ce8103c7781e57821730c678a1bdaf5bf4801e52cd97f7e39a19a044	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.x86_64.rpm	0e273af1e2a16af1cde1c7ba7d6c6fe6c188a9f5da97839922b5ae7ef2cf9804	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-jsp-2.0-api-5.5.23-0jpp.38.el5_9.x86_64.rpm	0e273af1e2a16af1cde1c7ba7d6c6fe6c188a9f5da97839922b5ae7ef2cf9804	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	959d92b43f0f0f33a84db2697876eb47d4747ce43dae5da0394dc8c9ab2f08dc	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	959d92b43f0f0f33a84db2697876eb47d4747ce43dae5da0394dc8c9ab2f08dc	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm	299bded70849cf0822438c374859d87ffdcea1c2d4e177d597016ba590205eb7	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-server-lib-5.5.23-0jpp.38.el5_9.x86_64.rpm	299bded70849cf0822438c374859d87ffdcea1c2d4e177d597016ba590205eb7	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.x86_64.rpm	a83d067490df58dea6b1d03a1f44ceda8aa5a7f7a115f2df17b43204ce9dfaee	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-servlet-2.4-api-5.5.23-0jpp.38.el5_9.x86_64.rpm	a83d067490df58dea6b1d03a1f44ceda8aa5a7f7a115f2df17b43204ce9dfaee	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	54e92610de9a8e9f128f115f66016f4e20655925fce821ca745b14cb6e705b90	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.38.el5_9.x86_64.rpm	54e92610de9a8e9f128f115f66016f4e20655925fce821ca745b14cb6e705b90	ELSA-2013-0870	ol5_x86_64_latest
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm	86027d849c81aa4384ebc9e28cd19a9c63dd834b22001e4518f5628effedd90e	ELSA-2013-0870	ol5_u9_x86_64_patch
	tomcat5-webapps-5.5.23-0jpp.38.el5_9.x86_64.rpm	86027d849c81aa4384ebc9e28cd19a9c63dd834b22001e4518f5628effedd90e	ELSA-2013-0870	ol5_x86_64_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691