networking/daemons

tomcat5 - Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API

Website: http://tomcat.apache.org/
License: Apache Software License
Vendor: Scientific Linux
Description:
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Tomcat is intended to be
a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project. To
learn more about getting involved, click here.

Packages

tomcat5-5.5.23-0jpp.40.el5_9.i386 [369 KiB] Changelog by David Knox (2013-05-23):
- Related: CVE-2013-1976 It was found during additional testing
- that the tomcat5 init may fail to start because the user
- shell is set to sbin/nologin. Fixed in init scrip. SU now
- uses -s /bin/sh during startup
tomcat5-5.5.23-0jpp.38.el5_9.i386 [368 KiB] Changelog by David Knox (2013-02-21):
- Resolves: CVE-2012-3439 rhbz#882008 three DIGEST authentication
- implementation
- Resolves: CVE-2012-3546, rhbz#913034 Bypass of security constraints.
- Remove unneeded handling of FORM authentication in RealmBase
tomcat5-5.5.23-0jpp.31.el5_8.i386 [339 KiB] Changelog by David Knox (2012-03-29):
- Resolves: CVE-2012 regression. Changed patch file.
tomcat5-5.5.23-0jpp.22.el5_7.i386 [339 KiB] Changelog by David Knox (2011-11-08):
- Resolves: CVE-2011-0013 rhbz 675931
- Resolves: CVE-2010-3718 rhbz 675931
- Resolves: CVE-2011-1184 rhbz 744983
- Resolves: CVE-2011-2204 rhbz 719181
tomcat5-5.5.23-0jpp.17.el5_6.i386 [339 KiB] Changelog by David Knox (2011-02-03):
- Resolves: rhbz 674599 JDK Double.parseDouble DoS
tomcat5-5.5.23-0jpp.9.el5_5.i386 [338 KiB] Changelog by David Knox (2010-07-29):
- Resolves: rhbz#619424 fixed servlet-api typo. serve4-api to servlet-api
- RHSA-2010:9748
tomcat5-5.5.23-0jpp.7.el5_3.2.i386 [337 KiB] Changelog by Fernando Nasser (2009-06-25):
- Actually add the patch files this time
  Resolves: rhbz#427779
  Resolves: rhbz#504758
  Resolves: rhbz#503980
  Resolves: rhbz#504162
tomcat5-5.5.23-0jpp.7.el5_2.1.i386 [335 KiB] Changelog by David Walluck (2008-08-22):
- add patch for CVE-2008-1232
  Resolves: rhbz#457727
- add patch for CVE-2008-1947
  Resolves: rhbz#449916
- add patch for CVE-2008-2370
  Resolves: rhbz#458634
- add patch for CVE-2008-2938
  Resolves: rhbz#456214
tomcat5-5.5.23-0jpp.3.0.3.el5_1.i386 [335 KiB] Changelog by Deepak Bhole (2008-02-27):
- Patch for CVE-2007-5342
  Resolves: bz# 427776
- Patch for CVE-2007-5461
  Resolves: bz# 334561
tomcat5-5.5.23-0jpp.3.0.2.el5.i386 [332 KiB] Changelog by Fernando Nasser (2007-08-30):
From jean-frederic clere <jclere@redhat.com>:
- Patch for CVE-2007-3382 and CVE-2007-3385
  Resolves: rhbz#254155
tomcat5-5.5.23-0jpp.1.0.4.el5.i386 [331 KiB] Changelog by Vivek Lakshmanan (2007-06-21):
- Remove erroneous rebuild-gcj-db for javadoc subpackage
- Add fixes for CVE-2007-2449 and CVE-2007-2450
- resolves: bug 244846, bug 244816

Listing created by Repoview-0.6.6-1.el6