Skip to navigation

Security Advisory Important: tomcat5 and tomcat6 security update

Advisory: RHSA-2010:0581-1
Type: Security Advisory
Severity: Important
Issued on: 2010-08-02
Last updated on: 2010-08-02
Affected Products: JBoss Enterprise Web Server v1 EL4
JBoss Enterprise Web Server v1 EL5
CVEs (cve.mitre.org): CVE-2010-2227

Details

Updated tomcat5 and tomcat6 packages that fix one security issue are now
available for JBoss Enterprise Web Server 1.0.1 for Red Hat Enterprise
Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)

Users of Tomcat should upgrade to these updated packages, which contain a
backported patch to resolve this issue. Tomcat must be restarted for this
update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

JBoss Enterprise Web Server v1 EL4

SRPMS:
tomcat5-5.5.28-9.patch_01.jdk6.ep5.el4.src.rpm
File outdated by:  RHSA-2011:0897
    MD5: 169ea86daead9603a467973a8659b6bd
SHA-256: 966d06bc32ee6c379fe50196d325fc2c39701a7d97e0f764bf5e6ed4963b97c2
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el4.src.rpm
File outdated by:  RHSA-2011:0897
    MD5: 8463a86bcc2a103eccd3625a6ebd7518
SHA-256: 100796f97134f9b9e52aecf32782399688408eb5dd9b588cecaba459d4846d7c
 
IA-32:
tomcat5-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 9bda3d1e7aa3abf08f0694dcab0e9274
SHA-256: 7abe0fa2aacb147d9419f1d25f2899dd10c882228b02d9f6c9e9c975cb90ac98
tomcat5-admin-webapps-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: d384ba548e8454e066ab6aa4ae7d8105
SHA-256: 9228425eda769f69872b458c66ce970b355309c41b9142f62f293e8a4037c157
tomcat5-common-lib-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 0fe23a595d8e99ba531791314ea96bfd
SHA-256: 342aa0ec8860caa22d8204ba51070e0798f8758ff9e85df97d1ca599d7d72009
tomcat5-jasper-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 7e980a577aceb203eea1692efe1e4030
SHA-256: a7413efad57b6d040eaeb3d9ac00d3ec25ea805e51c4ff55f2f4603b857e4e43
tomcat5-jasper-eclipse-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 6526c0fa8ceef08187d0e399b7d1d57f
SHA-256: 0ac8895aafaacf2119616bc897a149ccb931533a1dfc3b9c5748d3cfa03ebd73
tomcat5-jasper-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f193b5a387984298b1e55185f093a1f6
SHA-256: 4ac825a0ac52f16f7e8f917641fcffe7c0b0d23c86fab3fc8df92e09afee43ca
tomcat5-jsp-2.0-api-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: d67aa664ed6e575d0dd0b795cc8f69b1
SHA-256: f5edef5c313d3694c525c3839db7ddd90b25045ff239a928a9f7ecd18dd6ff54
tomcat5-jsp-2.0-api-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 2b17a1aa547ad7eab6fcb069b4f39b0a
SHA-256: 3f1d0f396412cba71d7f568c2c840039d09ea87132d52347c8ff24c766e8d82f
tomcat5-parent-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 66a5f12f1569f60b87335a17e5392a84
SHA-256: 4eefebc2a5e12ef241a6652b57af903117ead64e791575c9829099f1035b3cda
tomcat5-server-lib-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 86261ee97400c6e2c35d7ee6cba159c0
SHA-256: 71e2095409824da28f12c7f41e8df75cdd632ace57591f845df64e2503b56fc1
tomcat5-servlet-2.4-api-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: bb3bd16bd5336aaef0572c8e0db4428b
SHA-256: 1ec9be0ec9dc08b272cc90d7f0889f87656d07d09b94e5383ff7434c3242bfb2
tomcat5-servlet-2.4-api-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 46bebd685a8373a526e589fd52cc4f77
SHA-256: 82019d2f10077fd21f82f8fd5ee0513888731bf444b125e2591e7cf89094bfd4
tomcat5-webapps-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f8b89d7d47391df04e8227938e90aeea
SHA-256: 28658d400a4793b68026dc02d70fabc12f48c0de0ef87f14dbb75aec4d636933
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 6f703b6f53928aa95ce34cf9c6e43b39
SHA-256: c3900616eee9e8e22d74fa5fb68b8096236cabcb5f796b8f8d8e3b4f6d0a2c59
tomcat6-admin-webapps-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: aa0f509caf0228351c334a632bd62ab6
SHA-256: 9575906bb59e13da95ef6cf13c0de54ab126c958df918f531174a31bf063030b
tomcat6-docs-webapp-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: b15be99b5dc60f6e0d65f8eefecd8007
SHA-256: 2c73d45246713315d0f43e3f47c96953d942b15727343f004691131e1f160c87
tomcat6-el-1.0-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: aed3c59ee34d08d99e35c1965bf2eb78
SHA-256: 49b1fd8b81ffc9268143ad5d176ffa7c513f4193a9ea4204354eaee91a44c077
tomcat6-javadoc-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 27a4a5fef563b7525d9132d9ac82e7ee
SHA-256: ce10c5f7a8585fae392bdda4add8ab709290627830ffb0e694864378a36fb658
tomcat6-jsp-2.1-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 59792de1270c2096d6365bcdab4015dc
SHA-256: 034bfe796f5d819cf5722c703f9a96da0c5c8592285fa55584717ed24416f780
tomcat6-lib-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 5d1a0e32dcccd4e4c27a739480ef0d5e
SHA-256: 311c608b666cc40a4a0c3b9b1fe8a480f83508d4010eb4c426e642fdd07c5523
tomcat6-log4j-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: ca851d49bc05cbf152bb8fb918482414
SHA-256: 582aefe9a275ce1fb6b59c3cf60aec4fcb8523f2e52dcc37e888b9845eeab620
tomcat6-servlet-2.5-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: b912f6ea6d7765da7a67bc79a0b0442a
SHA-256: dad380e248106c337965f2af5d1fc2069e211ece281526606204ab05c1be7dae
tomcat6-webapps-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f3946d48f63668ddac64e9b730688a56
SHA-256: b9d9c1711e47886c046605df0596aa184b4a7ff69ff5a85d35e64fb5077b1987
 
x86_64:
tomcat5-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 9bda3d1e7aa3abf08f0694dcab0e9274
SHA-256: 7abe0fa2aacb147d9419f1d25f2899dd10c882228b02d9f6c9e9c975cb90ac98
tomcat5-admin-webapps-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: d384ba548e8454e066ab6aa4ae7d8105
SHA-256: 9228425eda769f69872b458c66ce970b355309c41b9142f62f293e8a4037c157
tomcat5-common-lib-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 0fe23a595d8e99ba531791314ea96bfd
SHA-256: 342aa0ec8860caa22d8204ba51070e0798f8758ff9e85df97d1ca599d7d72009
tomcat5-jasper-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 7e980a577aceb203eea1692efe1e4030
SHA-256: a7413efad57b6d040eaeb3d9ac00d3ec25ea805e51c4ff55f2f4603b857e4e43
tomcat5-jasper-eclipse-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 6526c0fa8ceef08187d0e399b7d1d57f
SHA-256: 0ac8895aafaacf2119616bc897a149ccb931533a1dfc3b9c5748d3cfa03ebd73
tomcat5-jasper-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f193b5a387984298b1e55185f093a1f6
SHA-256: 4ac825a0ac52f16f7e8f917641fcffe7c0b0d23c86fab3fc8df92e09afee43ca
tomcat5-jsp-2.0-api-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: d67aa664ed6e575d0dd0b795cc8f69b1
SHA-256: f5edef5c313d3694c525c3839db7ddd90b25045ff239a928a9f7ecd18dd6ff54
tomcat5-jsp-2.0-api-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 2b17a1aa547ad7eab6fcb069b4f39b0a
SHA-256: 3f1d0f396412cba71d7f568c2c840039d09ea87132d52347c8ff24c766e8d82f
tomcat5-parent-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 66a5f12f1569f60b87335a17e5392a84
SHA-256: 4eefebc2a5e12ef241a6652b57af903117ead64e791575c9829099f1035b3cda
tomcat5-server-lib-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 86261ee97400c6e2c35d7ee6cba159c0
SHA-256: 71e2095409824da28f12c7f41e8df75cdd632ace57591f845df64e2503b56fc1
tomcat5-servlet-2.4-api-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: bb3bd16bd5336aaef0572c8e0db4428b
SHA-256: 1ec9be0ec9dc08b272cc90d7f0889f87656d07d09b94e5383ff7434c3242bfb2
tomcat5-servlet-2.4-api-javadoc-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 46bebd685a8373a526e589fd52cc4f77
SHA-256: 82019d2f10077fd21f82f8fd5ee0513888731bf444b125e2591e7cf89094bfd4
tomcat5-webapps-5.5.28-9.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f8b89d7d47391df04e8227938e90aeea
SHA-256: 28658d400a4793b68026dc02d70fabc12f48c0de0ef87f14dbb75aec4d636933
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 6f703b6f53928aa95ce34cf9c6e43b39
SHA-256: c3900616eee9e8e22d74fa5fb68b8096236cabcb5f796b8f8d8e3b4f6d0a2c59
tomcat6-admin-webapps-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: aa0f509caf0228351c334a632bd62ab6
SHA-256: 9575906bb59e13da95ef6cf13c0de54ab126c958df918f531174a31bf063030b
tomcat6-docs-webapp-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: b15be99b5dc60f6e0d65f8eefecd8007
SHA-256: 2c73d45246713315d0f43e3f47c96953d942b15727343f004691131e1f160c87
tomcat6-el-1.0-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: aed3c59ee34d08d99e35c1965bf2eb78
SHA-256: 49b1fd8b81ffc9268143ad5d176ffa7c513f4193a9ea4204354eaee91a44c077
tomcat6-javadoc-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 27a4a5fef563b7525d9132d9ac82e7ee
SHA-256: ce10c5f7a8585fae392bdda4add8ab709290627830ffb0e694864378a36fb658
tomcat6-jsp-2.1-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 59792de1270c2096d6365bcdab4015dc
SHA-256: 034bfe796f5d819cf5722c703f9a96da0c5c8592285fa55584717ed24416f780
tomcat6-lib-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: 5d1a0e32dcccd4e4c27a739480ef0d5e
SHA-256: 311c608b666cc40a4a0c3b9b1fe8a480f83508d4010eb4c426e642fdd07c5523
tomcat6-log4j-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: ca851d49bc05cbf152bb8fb918482414
SHA-256: 582aefe9a275ce1fb6b59c3cf60aec4fcb8523f2e52dcc37e888b9845eeab620
tomcat6-servlet-2.5-api-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: b912f6ea6d7765da7a67bc79a0b0442a
SHA-256: dad380e248106c337965f2af5d1fc2069e211ece281526606204ab05c1be7dae
tomcat6-webapps-6.0.24-7.patch_01.jdk6.ep5.el4.noarch.rpm
File outdated by:  RHSA-2011:0897
    MD5: f3946d48f63668ddac64e9b730688a56
SHA-256: b9d9c1711e47886c046605df0596aa184b4a7ff69ff5a85d35e64fb5077b1987
 
JBoss Enterprise Web Server v1 EL5

SRPMS:
tomcat5-5.5.28-9.patch_01.1.jdk6.ep5.el5.src.rpm
File outdated by:  RHSA-2013:0872
    MD5: a0634b8a063566b90315fe4d7d92c2fe
SHA-256: 7dd87c36b2895e692b3efc7525f96c17983a3dedd1c919f33544806e327d8f5f
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el5.src.rpm
File outdated by:  RHSA-2013:0872
    MD5: f88dfafdc74f53adc408aad279371e4a
SHA-256: 1653a933f83b7dd66388f14d99767cb12e842ebfd3874c170e80c29a9d655788
 
IA-32:
tomcat5-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 452e3e1912640b7879c004d7e266f4f3
SHA-256: 93d8bb087140a6edd9736e33c89135c8a23cafcae63847829050dc2b08b9c3a5
tomcat5-admin-webapps-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 46bcc61dffe8f706d6d37b359def8895
SHA-256: b96cc77798019e8d25b6d9f9c1dbc7e126a7c4be8d25054968dee8e3987530aa
tomcat5-common-lib-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: b6be0673ca50ef10d80029674974dbc4
SHA-256: c6403df4cb61d559337b4221f1b4693ec41f9f3015f7e1d7718f21efb15b51a6
tomcat5-jasper-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 9d75b10ac2c75d94789976095915ddea
SHA-256: 19182e7aef7a2aded52b15edcda6072ad6531247dc7382677cc2041f2eb3f9ab
tomcat5-jasper-eclipse-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: a6ef29b0a81f3db02d9bb3926b425649
SHA-256: f577f902a1664d5ab73f98b5869f58c1ba2411ae4b9fb3e1588db4a539f4644d
tomcat5-jasper-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 5244fcf3a649186ba4c360dc1680944c
SHA-256: 7aaef79a3a82b757e08a025cb32b8c16c07313f7af049312069e43f1afdd9c88
tomcat5-jsp-2.0-api-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 0a4fef468d0d3376fb3d476d89dc00c3
SHA-256: ce2f71966257780799517ffdd0feaa9d12905caa8168a17996f3cf74b0d465b1
tomcat5-jsp-2.0-api-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 65aeb73db69701444ff6c45c6cd54694
SHA-256: 2856628e31a83d05c73f5424e7958838acd97b4569e3987acf5c40e066dfb4c7
tomcat5-parent-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 4f31c3dc63a803860a402212d7563153
SHA-256: 851a74c374af87162ca467074a9a0b3a9ef6ae44e4e03548c4e3214e39619ef0
tomcat5-server-lib-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 552cec422e0b679ec65896d99e58f604
SHA-256: b442ca1f44a9673883d66d6dd6765b99338c57403a3b2cb700d15da712e7361e
tomcat5-servlet-2.4-api-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ff603211cf0a853082a03c8afc7154d2
SHA-256: 96e6dfd086aa67fc224f787afc5eccf98c713ce124f00d020c20507f1fc4b35e
tomcat5-servlet-2.4-api-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 7730ca7f41c98f773508e8533ce24761
SHA-256: 1c574cc622a0bf3b2c4cc355b038dd2f01484cd560c89d376193f6b83c3061b0
tomcat5-webapps-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: f0aa2f2c9bf3846d42a2e37c499c0f02
SHA-256: d75ff8b64c7bb594c3a9294741d142162a577ad1c8ffe1d1872e2eb635917aa8
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 21a015d9166e1da4dadfe88f4ceaf28b
SHA-256: 2d57281beccb2a50a69921de10c9207d5e825c32b303bb02e0020e981b2966b5
tomcat6-admin-webapps-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: be73fa1d94caed8896c3b21c1560d820
SHA-256: b0a569befcb847b4dd7227f62632fbcda6e87565848ee6bba1e11448aba45109
tomcat6-docs-webapp-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 2780008ffe2a52f320f2f9d0ada5a8da
SHA-256: 9b645e9883b2072699db2811733b7c8c1b248488176027ad37eb7f69a03dc4e8
tomcat6-el-1.0-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: fa1e68e77c2a4e7f89387bad8ecbfe55
SHA-256: e20095f277d6adfc4c718865fdd893e7be209f91990e14fa6a55072f5430e9d9
tomcat6-javadoc-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: be54261d64740999bde59445a2a062cc
SHA-256: 5cb22a12417aaf648362c766a816a9e1ab7214b105ec4d2181910b3330ff9754
tomcat6-jsp-2.1-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: b15f4045cc899be2438b0d3a4a1edb9b
SHA-256: e6f807b568148e279a3a4127209595c963d2b4a7be20930ee1771a9b05badf88
tomcat6-lib-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: a2b1fb316e9f529f523777b811c77880
SHA-256: b95d635f7d66df58554aa33bf5dc16494f587620242d35e5a1bf54cd2c3a2ead
tomcat6-log4j-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ad0d8467724170f3c20b084fd4a83f4b
SHA-256: f22e907423ec66700560376c7c49e69d30a6504fad8a25d09aafdeb44a381f45
tomcat6-servlet-2.5-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ff0f2f3bc168b7dc6f504ce868a405bf
SHA-256: 756700f16e44d29cf2faef46edabe9e3b1376dce96f2e3d78b024b2feebced1e
tomcat6-webapps-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: bf41033dab7c8d4c44b020920a1a9aa1
SHA-256: 5b9dd0530794ec511a024a70dd746c81a89247f33e9c9bee7c9b62d59878a61e
 
x86_64:
tomcat5-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 452e3e1912640b7879c004d7e266f4f3
SHA-256: 93d8bb087140a6edd9736e33c89135c8a23cafcae63847829050dc2b08b9c3a5
tomcat5-admin-webapps-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 46bcc61dffe8f706d6d37b359def8895
SHA-256: b96cc77798019e8d25b6d9f9c1dbc7e126a7c4be8d25054968dee8e3987530aa
tomcat5-common-lib-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: b6be0673ca50ef10d80029674974dbc4
SHA-256: c6403df4cb61d559337b4221f1b4693ec41f9f3015f7e1d7718f21efb15b51a6
tomcat5-jasper-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 9d75b10ac2c75d94789976095915ddea
SHA-256: 19182e7aef7a2aded52b15edcda6072ad6531247dc7382677cc2041f2eb3f9ab
tomcat5-jasper-eclipse-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: a6ef29b0a81f3db02d9bb3926b425649
SHA-256: f577f902a1664d5ab73f98b5869f58c1ba2411ae4b9fb3e1588db4a539f4644d
tomcat5-jasper-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 5244fcf3a649186ba4c360dc1680944c
SHA-256: 7aaef79a3a82b757e08a025cb32b8c16c07313f7af049312069e43f1afdd9c88
tomcat5-jsp-2.0-api-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 0a4fef468d0d3376fb3d476d89dc00c3
SHA-256: ce2f71966257780799517ffdd0feaa9d12905caa8168a17996f3cf74b0d465b1
tomcat5-jsp-2.0-api-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 65aeb73db69701444ff6c45c6cd54694
SHA-256: 2856628e31a83d05c73f5424e7958838acd97b4569e3987acf5c40e066dfb4c7
tomcat5-parent-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 4f31c3dc63a803860a402212d7563153
SHA-256: 851a74c374af87162ca467074a9a0b3a9ef6ae44e4e03548c4e3214e39619ef0
tomcat5-server-lib-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 552cec422e0b679ec65896d99e58f604
SHA-256: b442ca1f44a9673883d66d6dd6765b99338c57403a3b2cb700d15da712e7361e
tomcat5-servlet-2.4-api-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ff603211cf0a853082a03c8afc7154d2
SHA-256: 96e6dfd086aa67fc224f787afc5eccf98c713ce124f00d020c20507f1fc4b35e
tomcat5-servlet-2.4-api-javadoc-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 7730ca7f41c98f773508e8533ce24761
SHA-256: 1c574cc622a0bf3b2c4cc355b038dd2f01484cd560c89d376193f6b83c3061b0
tomcat5-webapps-5.5.28-9.patch_01.1.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: f0aa2f2c9bf3846d42a2e37c499c0f02
SHA-256: d75ff8b64c7bb594c3a9294741d142162a577ad1c8ffe1d1872e2eb635917aa8
tomcat6-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 21a015d9166e1da4dadfe88f4ceaf28b
SHA-256: 2d57281beccb2a50a69921de10c9207d5e825c32b303bb02e0020e981b2966b5
tomcat6-admin-webapps-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: be73fa1d94caed8896c3b21c1560d820
SHA-256: b0a569befcb847b4dd7227f62632fbcda6e87565848ee6bba1e11448aba45109
tomcat6-docs-webapp-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: 2780008ffe2a52f320f2f9d0ada5a8da
SHA-256: 9b645e9883b2072699db2811733b7c8c1b248488176027ad37eb7f69a03dc4e8
tomcat6-el-1.0-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: fa1e68e77c2a4e7f89387bad8ecbfe55
SHA-256: e20095f277d6adfc4c718865fdd893e7be209f91990e14fa6a55072f5430e9d9
tomcat6-javadoc-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: be54261d64740999bde59445a2a062cc
SHA-256: 5cb22a12417aaf648362c766a816a9e1ab7214b105ec4d2181910b3330ff9754
tomcat6-jsp-2.1-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: b15f4045cc899be2438b0d3a4a1edb9b
SHA-256: e6f807b568148e279a3a4127209595c963d2b4a7be20930ee1771a9b05badf88
tomcat6-lib-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: a2b1fb316e9f529f523777b811c77880
SHA-256: b95d635f7d66df58554aa33bf5dc16494f587620242d35e5a1bf54cd2c3a2ead
tomcat6-log4j-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ad0d8467724170f3c20b084fd4a83f4b
SHA-256: f22e907423ec66700560376c7c49e69d30a6504fad8a25d09aafdeb44a381f45
tomcat6-servlet-2.5-api-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: ff0f2f3bc168b7dc6f504ce868a405bf
SHA-256: 756700f16e44d29cf2faef46edabe9e3b1376dce96f2e3d78b024b2feebced1e
tomcat6-webapps-6.0.24-7.patch_01.jdk6.ep5.el5.noarch.rpm
File outdated by:  RHSA-2013:0872
    MD5: bf41033dab7c8d4c44b020920a1a9aa1
SHA-256: 5b9dd0530794ec511a024a70dd746c81a89247f33e9c9bee7c9b62d59878a61e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

612799 - CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/