Skip to navigation

Security Advisory Important: tomcat6 security update

Advisory: RHSA-2013:0869-1
Type: Security Advisory
Severity: Important
Issued on: 2013-05-28
Last updated on: 2013-05-28
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.4)
Red Hat Enterprise Linux Server EUS (v. 6.4.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-1976
CVE-2013-2051

Details

Updated tomcat6 packages that fix two security issues are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

A flaw was found in the way the tomcat6 init script handled the
tomcat6-initd.log log file. A malicious web application deployed on Tomcat
could use this flaw to perform a symbolic link attack to change the
ownership of an arbitrary system file to that of the tomcat user, allowing
them to escalate their privileges to root. (CVE-2013-1976)

Note: With this update, tomcat6-initd.log has been moved from
/var/log/tomcat6/ to the /var/log/ directory.

It was found that the RHSA-2013:0623 update did not correctly fix
CVE-2012-5887, a weakness in the Tomcat DIGEST authentication
implementation. A remote attacker could use this flaw to perform replay
attacks in some circumstances. Additionally, this problem also prevented
users from being able to authenticate using DIGEST authentication.
(CVE-2013-2051)

Red Hat would like to thank Simon Fayer of Imperial College London for
reporting the CVE-2013-1976 issue.

Users of Tomcat are advised to upgrade to these updated packages, which
correct these issues. Tomcat must be restarted for this update to take
effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
IA-32:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
IA-32:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
PPC:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
s390x:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
Red Hat Enterprise Linux Server AUS (v. 6.4)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
Red Hat Enterprise Linux Server EUS (v. 6.4.z)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
IA-32:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
PPC:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
s390x:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2013:0964
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
tomcat6-6.0.24-55.el6_4.src.rpm
File outdated by:  RHSA-2014:0429
    MD5: 300039df6f563481bef7e8e5f4c18135
SHA-256: 0b1bec19faf8caee26873dd1b048f7e26bce91575ac0cac69341c50e3dbf7f92
 
IA-32:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
x86_64:
tomcat6-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 24f0cbea0e51d033e010c94bbdcc44be
SHA-256: 868cecd852f0ae8b7a3f6d3c7f6d1e8f56abccc8957560e1fb7fa20fbe01ec3e
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: b0a10b7f8a9b51b70d599fb038ceb498
SHA-256: 9fb32329128ba8cc15adf56a094df68891021d171c0da807a9a533552fb5efa4
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: bec9a7f27438b45f935834751900aea8
SHA-256: c23cc6e1533cf188636adcd629481e779cd3d87dd7a44a2da6ab87956f00df7d
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 861f8f76ddb1c594aca8f419d85abf76
SHA-256: cfd48d529c3445eaff1dcd5f6fc18d022f2749ebf8c28acdd7b7a84c9fb5c3c1
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 289559e1b30f4aab3cb390f5acfb27d1
SHA-256: c7035cee8a5e61f1c1233316612f7aec39dda2626abf02832c076f6345b0d603
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 776d344c023b59b76f9812d8d8d6256a
SHA-256: 8f34f860c2830f02d7c347a6b3b1e29f5be9baad6a5239809dfbe149833cbe20
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 16ccafa5751d130fcf62926781d19a23
SHA-256: 9d10686a8f4ae0cf8b16b7d359e28b79b7ce3b32871a6a2b1c8482d8f8f13e75
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: a4461565e856f8822c941669099a4f62
SHA-256: 0d15c1ebf7f0ffe9f88c4d1d36e2e331a8e7a13ed842033c10e72f1f65589e87
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
File outdated by:  RHSA-2014:0429
    MD5: 48a4560921f062dcae47524319ca4e0f
SHA-256: 619f040a54f01aa8c3bd397d62aafbbb2e53febb6396e185b7ac47e294ce2cb9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

927622 - CVE-2013-1976 tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)
959047 - CVE-2013-2051 tomcat: DIGEST authentication vulnerable to replay attacks


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/