UbuntuUpdates.org

Package "tomcat6"

Name: tomcat6

Description:

Servlet and JSP engine

Latest version: 6.0.35-1ubuntu3.11
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://tomcat.apache.org

Other versions of "tomcat6" in Precise

Repository Area Version
base universe 6.0.35-1ubuntu3
base main 6.0.35-1ubuntu3
security main 6.0.35-1ubuntu3.11
security universe 6.0.35-1ubuntu3.11
updates universe 6.0.35-1ubuntu3.11

Changelog

Version: 6.0.35-1ubuntu3.6 2015-06-25 14:06:16 UTC

  tomcat6 (6.0.35-1ubuntu3.6) precise-security; urgency=medium

  * SECURITY UPDATE: HTTP request smuggling or denial of service via
    streaming with malformed chunked transfer encoding (LP: #1449975)
    - debian/patches/CVE-2014-0227.patch: add error flag and improve i18n
      in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
      java/org/apache/coyote/http11/filters/LocalStrings.properties.
    - CVE-2014-0227
  * SECURITY UPDATE: denial of service via aborted upload attempts
    (LP: #1449975)
    - debian/patches/CVE-2014-0230.patch: limit amount of data in
      java/org/apache/coyote/Constants.java,
      java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
      java/org/apache/coyote/http11/filters/IdentityInputFilter.java,
      java/org/apache/coyote/http11/filters/LocalStrings.properties,
      webapps/docs/config/systemprops.xml.
    - CVE-2014-0230
  * SECURITY UPDATE: SecurityManager bypass via Expression Language
    - debian/patches/CVE-2014-7810.patch: handle classes that may not be
      accessible but have accessible interfaces in
      java/javax/el/BeanELResolver.java, remove unnecessary code in
      java/org/apache/jasper/runtime/PageContextImpl.java,
      java/org/apache/jasper/security/SecurityClassLoad.java.
    - CVE-2014-7810

 -- Marc Deslauriers <email address hidden> Mon, 22 Jun 2015 08:16:23 -0400

1449975 Outstanding low priority security bugs in the tomcat7 packages
CVE-2014-0227 java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not pr
CVE-2014-0230 Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishin
CVE-2014-7810 The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider t

Version: 6.0.35-1ubuntu3.5 2014-07-30 21:06:54 UTC

  tomcat6 (6.0.35-1ubuntu3.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via malformed chunk size
    - debian/patches/CVE-2014-0075.patch: fix overflow in
      java/org/apache/coyote/http11/filters/ChunkedInputFilter.java.
    - CVE-2014-0075
  * SECURITY UPDATE: file disclosure via XXE issue
    - debian/patches/CVE-2014-0096.patch: change globalXsltFile to be a
      relative path in conf/web.xml,
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/catalina/servlets/LocalStrings.properties,
      webapps/docs/default-servlet.xml.
    - CVE-2014-0096
  * SECURITY UPDATE: HTTP request smuggling attack via crafted
    Content-Length HTTP header
    - debian/patches/CVE-2014-0099.patch: correctly handle long values in
      java/org/apache/tomcat/util/buf/Ascii.java.
    - CVE-2014-0099
 -- Marc Deslauriers <email address hidden> Thu, 24 Jul 2014 15:38:01 -0400

CVE-2014-0075 Integer overflow in the parseChunkHeader function in ...
CVE-2014-0096 java/org/apache/catalina/servlets/DefaultServlet.java in the default ...
CVE-2014-0099 Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in ...

Version: 6.0.35-1ubuntu3.4 2014-03-06 15:06:44 UTC

  tomcat6 (6.0.35-1ubuntu3.4) precise-security; urgency=medium

  * SECURITY UPDATE: request smuggling attack via content-length headers
    - debian/patches/CVE-2013-4286.patch: handle multiple content lengths
      in java/org/apache/coyote/ajp/AbstractAjpProcessor.java,
      java/org/apache/coyote/ajp/AjpProcessor.java, handle content length
      and chunked encoding being both specified in
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/Http11NioProcessor.java,
      java/org/apache/coyote/http11/Http11Processor.java.
    - CVE-2013-4286
  * SECURITY UPDATE: denial of service via chunked transfer coding
    - debian/patches/CVE-2013-4322.patch: limit length of extension data in
      java/org/apache/coyote/Constants.java,
      java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
      webapps/docs/config/systemprops.xml.
    - CVE-2013-4322
  * SECURITY UPDATE: session fixation attack via crafted URL
    - debian/patches/CVE-2014-0033.patch: properly handle
      disableURLRewriting in
      java/org/apache/catalina/connector/CoyoteAdapter.java.
    - CVE-2014-0033
 -- Marc Deslauriers <email address hidden> Tue, 04 Mar 2014 11:14:51 -0500

CVE-2013-4286 Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before ...
CVE-2013-4322 Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before ...
CVE-2014-0033 org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat ...

Version: 6.0.35-1ubuntu3.3 2013-05-28 19:06:58 UTC

  tomcat6 (6.0.35-1ubuntu3.3) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via chunked transfer encoding
    - debian/patches/CVE-2012-3544.patch: properly parse CRLF in requests
      in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java.
    - CVE-2012-3544
  * SECURITY UPDATE: FORM authentication request injection
    - debian/patches/CVE-2013-2067.patch: properly change session ID
      in java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2013-2067
 -- Marc Deslauriers <email address hidden> Tue, 21 May 2013 09:39:22 -0400

CVE-2012-3544 Chunked transfer encoding extension size is not limited
CVE-2013-2067 Session fixation with FORM authenticator

Version: 6.0.35-1ubuntu3.2 2013-01-14 15:07:08 UTC

  tomcat6 (6.0.35-1ubuntu3.2) precise-security; urgency=low

  * SECURITY UPDATE: security-constraint bypass with FORM auth
    - debian/patches/CVE-2012-3546.patch: remove unneeded code in
      java/org/apache/catalina/realm/RealmBase.java.
    - CVE-2012-3546
  * SECURITY UPDATE: CSRF bypass via request with no session identifier
    - debian/patches/CVE-2012-4431.patch: check for session identifier in
      java/org/apache/catalina/filters/CsrfPreventionFilter.java.
    - CVE-2012-4431
  * SECURITY UPDATE: denial of service with NIO connector
    - debian/patches/CVE-2012-4534.patch: properly handle connection breaks
      in java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2012-4534
 -- Marc Deslauriers <email address hidden> Thu, 10 Jan 2013 09:51:09 -0500

CVE-2012-3546 org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote at
CVE-2012-4431 org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the
CVE-2012-4534 org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction w
