Skip to navigation

Security Advisory Moderate: tomcat6 security update

Advisory: RHSA-2012:0475-3
Type: Security Advisory
Severity: Moderate
Issued on: 2012-04-11
Last updated on: 2012-04-11
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-4858
CVE-2012-0022

Details

Updated tomcat6 packages that fix two security issues are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

It was found that the Java hashCode() method implementation was susceptible
to predictable hash collisions. A remote attacker could use this flaw to
cause Tomcat to use an excessive amount of CPU time by sending an HTTP
request with a large number of parameters whose names map to the same hash
value. This update introduces a limit on the number of parameters processed
per request to mitigate this issue. The default limit is 512 for
parameters and 128 for headers. These defaults can be changed by setting
the org.apache.tomcat.util.http.Parameters.MAX_COUNT and
org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2011-4858)

It was found that Tomcat did not handle large numbers of parameters and
large parameter values efficiently. A remote attacker could make Tomcat
use an excessive amount of CPU time by sending an HTTP request containing a
large number of parameters or large parameter values. This update
introduces limits on the number of parameters and headers processed per
request to address this issue. Refer to the CVE-2011-4858 description for
information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and
org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties.
(CVE-2012-0022)

Red Hat would like to thank oCERT for reporting CVE-2011-4858. oCERT
acknowledges Julian Wälde and Alexander Klink as the original reporters of
CVE-2011-4858.

Users of Tomcat should upgrade to these updated packages, which correct
these issues. Tomcat must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
IA-32:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
IA-32:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
PPC:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
s390x:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm     MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm     MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm     MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm     MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm     MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
IA-32:
tomcat6-6.0.24-36.el6_2.noarch.rpm     MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm     MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm     MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm     MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm     MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
PPC:
tomcat6-6.0.24-36.el6_2.noarch.rpm     MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm     MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm     MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm     MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm     MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
s390x:
tomcat6-6.0.24-36.el6_2.noarch.rpm     MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm     MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm     MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm     MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm     MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm     MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm     MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm     MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm     MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm     MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm     MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm     MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
tomcat6-6.0.24-36.el6_2.src.rpm
File outdated by:  RHBA-2013:1721
    MD5: 67ad7d4e601d4a27ab2cd951819eff63
SHA-256: e571f51ebc906a2cd2d9c3aaf25459b426ab8b67842d986695977864ea6162d5
 
IA-32:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
x86_64:
tomcat6-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 00ecf3ab549a2b65e94644a3eea0de66
SHA-256: a3bb692e386479a8423c36f0959826a3ccf9fef3a1b117594ba17ea9170a1c97
tomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: ba25401c539616e5d102f672df22dac5
SHA-256: 3968092fa356024d26b33f43190b8533e4da809822ab624a7b0cf27d119abb5d
tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 25c9cd1dbb5cc084b83f6f7c1bb16f37
SHA-256: ce7ed0f939afc7a785e5b7be29b00ca7203a60576e3803bbff83247e66efce48
tomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 31bf5f6b946e50a5cff53a4cd3ce11fd
SHA-256: c132c73bdd231caaf657244201ea200cdecec68e12634cbe38ea96eda27ffc9f
tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 82fd917596f3c5600401026b0c51c18c
SHA-256: 1770a7da4f80be7b2ff5f4f239653c5072135d02ed470c78fff92b6daa81a75b
tomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: bdc608d46de958fcad2a7420a13787f0
SHA-256: 6a73238fd822ae3018fdc6fa75ad48ffb69a2e81ed62a21892e60ae0add00dc4
tomcat6-lib-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 4a303f73b7dc6b35d1357d28f727922a
SHA-256: 5262cd98992086d142f7094d671433b08ed402398fac62dc815ac091eabc3419
tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: b82943853acd78d7c9da2dd582d3db4f
SHA-256: 1144287d5dca88fac0160d4761afd45151f961b5c6e3221ce22154273aa9d06a
tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm
File outdated by:  RHBA-2013:1721
    MD5: 79d7f203e2e73f8344c8afbb609f593f
SHA-256: 8546e92f09bbd580ac1e8dc426a3c9c06c6576e47e5332c9e6a60e90a96acca9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

750521 - CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)
783359 - CVE-2012-0022 tomcat: large number of parameters DoS


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/