Fedora Core 6 Update: jakarta-commons-modeler-1.1-8jpp.2.fc6
Vivek Lakshmanan
vivekl at redhat.com
Mon May 21 22:37:09 UTC 2007
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-514
2007-05-21
---------------------------------------------------------------------
Product : Fedora Core 6
Name : jakarta-commons-modeler
Version : 1.1
Release : 8jpp.2.fc6
Summary : Jakarta Commons Modeler Package
Description :
The Modeler project shall create and maintain a set of Java
classes to provide the facilities described in the preceeding section, plus
unit tests and small examples of using these facilities to instrument
Java classes with Model MBean support.
---------------------------------------------------------------------
Update Information:
Several security issues were reported to be fixed in
releases prior to 5.5.23
(http://tomcat.apache.org/security-5.html)
Tomcat was found to accept multiple content-length headers
in a request. This could allow attackers to poison a
web-cache, bypass web application firewall protection, or
conduct cross-site scripting attacks. (CVE-2005-2090)
Tomcat permitted various characters as path delimiters. If
Tomcat was used behind certain proxies and configured to
only proxy some contexts, an attacker could construct an
HTTP request to work around the context restriction and
potentially access non-proxied content. (CVE-2007-0450)
The implict-objects.jsp file distributed in the examples
webapp displayed a number of unfiltered header values. If
the JSP examples were accessible, this flaw could allow a
remote attacker to perform cross-site scripting
attacks. (CVE-2006-7195)
Users should upgrade to these erratum packages which contain
an update to Tomcat that resolves these issues. Updated
jakarta-commons-modeler packages are also included which
correct a bug when used with Tomcat 5.5.23.
---------------------------------------------------------------------
* Sun Apr 29 2007 Vivek Lakshmanan <vivekl at redhat.com> - 0:1.1-8jpp.2
- Add patch to fix jira task: MODELER-15 to allow tomcat5 5.5.23
to build against j-c-modeler
- Resolves: bug 237704
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
dad1218b669850e79dbd5d467c95ed95301b8d34 SRPMS/jakarta-commons-modeler-1.1-8jpp.2.fc6.src.rpm
dad1218b669850e79dbd5d467c95ed95301b8d34 noarch/jakarta-commons-modeler-1.1-8jpp.2.fc6.src.rpm
8dd80a01e127b5d40d732ce2e75c5c04e2000421 ppc/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.ppc.rpm
dd1ab4ed4a18518210a3609441d3c337a2dd5a69 ppc/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.ppc.rpm
7f4b54c6922fb76248bafd205e14119183ea99df ppc/jakarta-commons-modeler-1.1-8jpp.2.fc6.ppc.rpm
2a629ca2249b3012627ce9cea4ef89eee957f82a x86_64/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.x86_64.rpm
c397048d0562227811fb735b49acb0bda2c68511 x86_64/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.x86_64.rpm
2aa455ba7eb7d52799a3c0d93dab468cefa96c9e x86_64/jakarta-commons-modeler-1.1-8jpp.2.fc6.x86_64.rpm
ba5a53f53d214e199394ea50cdf2306b049e9085 i386/debug/jakarta-commons-modeler-debuginfo-1.1-8jpp.2.fc6.i386.rpm
501ec172627d91dbcabb7134d3b5b3c10f256e06 i386/jakarta-commons-modeler-javadoc-1.1-8jpp.2.fc6.i386.rpm
faee0b25204c51e08dd19930cf2c81880ce9bc23 i386/jakarta-commons-modeler-1.1-8jpp.2.fc6.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the package-announce
mailing list