Security Advisory Important: tomcat6 and tomcat7 security update

Advisory: RHSA-2013:0871-1
Type: Security Advisory
Severity: Important
Issued on: 2013-05-28
Last updated on: 2013-05-28
Affected Products: JBoss Enterprise Web Server v2 EL5
JBoss Enterprise Web Server v2 EL6
CVEs (cve.mitre.org): CVE-2013-1976

Details

Updated tomcat6 and tomcat7 packages that fix one security issue are now
available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise
Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.

A flaw was found in the way the tomcat6 and tomcat7 init scripts handled
the tomcat6-initd.log and tomcat7-initd.log log files. A malicious web
application deployed on Tomcat could use this flaw to perform a symbolic
link attack to change the ownership of an arbitrary system file to that of
the tomcat user, allowing them to escalate their privileges to root.
(CVE-2013-1976)

Note: With this update, tomcat6-initd.log and tomcat7-initd.log have been
moved to the /var/log/ directory.

Red Hat would like to thank Simon Fayer of Imperial College London for
reporting this issue.

Warning: Before applying the update, back up your existing JBoss Enterprise
Web Server installation (including all applications and configuration
files).

Users of Tomcat should upgrade to these updated packages, which resolve
this issue. Tomcat must be restarted for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

JBoss Enterprise Web Server v2 EL5

IA-32:
tomcat6-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c8bf2fe40912117906cd02da75221650
SHA-256: 99034b8068d1b154c26c80b6ace6772294cfaee7679950f2b81d2873ce5c46c0
tomcat6-admin-webapps-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: ab3fb9755395abf90bfb6dfdd6c1c756
SHA-256: e79e5782b1459aa723fe958b4ed59b5139f3298f1bdd7d39cc7274a4febd9b02
tomcat6-docs-webapp-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: bb9db44313b9f35557531dad6a422f09
SHA-256: b0aba1c25694b8d5cba9ad87bbd9c7e869bfa9a797ca06a3e4ac83945b8d2393
tomcat6-el-1.0-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2013:1011
    MD5: 0201e348935ab95ce7869a3957ffafd7
SHA-256: 6db797ee5560efce525fdf568cb03394ef85a7b100d459fecb227dfc1abcbd2e
tomcat6-javadoc-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 23ec4b60e8eb4290440055b35200b232
SHA-256: 587cb21c2273ff9e5dd534bfc14de99340ccfec571ada5a46794064dc2e92c14
tomcat6-jsp-2.1-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: db2512939409f1900aa1d7b8417b0904
SHA-256: 68a0d2f312773758a27fe17c4be7e0a57956136161385ea5a4aeb6b7a3bb2c52
tomcat6-lib-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 6558a55cb2c2b12472fcc4b600dba1e5
SHA-256: 3e50eb651567424136326a5f17c1b3d929f19fb5e6356f2b0468a1783abec231
tomcat6-log4j-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: e8353ec96e3db7bade8b56cd0761c2f0
SHA-256: 62b3f46e3f9a9cfa0d016104b00f8dd5e3c6122f3ac31eb5272ce9de7a89a8d4
tomcat6-servlet-2.5-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d5c666137da2846cb4079b010bd7b38f
SHA-256: 4994acc27f320efc8b42843ee656a3b850d9fc61feedabc6c48dfe3b95940385
tomcat6-webapps-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d2b60c12cec6aa52865041d3ca347edd
SHA-256: 3fdd761c07a1bef8a52cc0dafa5321ef6491daa0eb69f3e0dbde9521fdcdffcc
tomcat7-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: f062680e1b7cd258d3d826583f71ab46
SHA-256: 9cbac9555203716d9065a08d02bf3fe56c36d2da14da1a8e5f3fa1bfeded4217
tomcat7-admin-webapps-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d3d875d4368bb4319aafaaf8e94f317c
SHA-256: 5162a234d09bb654fc5afd7119989b12a42b07429645d30a392d39ddaa1a73ef
tomcat7-docs-webapp-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 632ec145700ec41e62e6ad4a978d89b3
SHA-256: f75496749f4f33f825263317407007684c17762657b0a1b8b45b11d9ab90d717
tomcat7-el-1.0-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2013:1011
    MD5: 2c3e2d2627fa1b20906ae70f9540c5b1
SHA-256: a2f684124388e976d46910f9432069d8992968455fc6f80a21db9020a23b7980
tomcat7-javadoc-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 4e09916b394102548409aacdf6d9698e
SHA-256: fd882915c78991e6332eed8f2b357c0216852ac6e846933ef0c967e6adc76677
tomcat7-jsp-2.2-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 53c5dc7f410e6a8c4c2e7f2ec266dd92
SHA-256: 801e7d9378ed5ad07c4c46c43c5da3156c589a4e8deffef1a0c4762554ab162a
tomcat7-lib-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8d2d0d4a4f87f8cc2294c2e800bac8c9
SHA-256: 66b994c43846a79573a3f6677ac55c8bf6c16e6f2cb2fdf9b3d5b1682c2fdec9
tomcat7-log4j-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8a727a56cb0dff618af6f737cd14cd78
SHA-256: b810fde21fcd5e657abf3962bbd569265f0e16572dd4194f37de16f68c531cc1
tomcat7-servlet-3.0-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 5b48e36747463f9b99c29675ab0b2e58
SHA-256: 823468c408af7c4db3b9ab3cb8d5833b9894a7722d73ac4210c1e9c6cc5f5ff7
tomcat7-webapps-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: a7b16a34efd22c1963a1bba64a5711ef
SHA-256: 61697f41ef03fbed908ddaabe883d0c9f64bb177753d99ec58571151f4061b76
 
x86_64:
tomcat6-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c8bf2fe40912117906cd02da75221650
SHA-256: 99034b8068d1b154c26c80b6ace6772294cfaee7679950f2b81d2873ce5c46c0
tomcat6-admin-webapps-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: ab3fb9755395abf90bfb6dfdd6c1c756
SHA-256: e79e5782b1459aa723fe958b4ed59b5139f3298f1bdd7d39cc7274a4febd9b02
tomcat6-docs-webapp-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: bb9db44313b9f35557531dad6a422f09
SHA-256: b0aba1c25694b8d5cba9ad87bbd9c7e869bfa9a797ca06a3e4ac83945b8d2393
tomcat6-el-1.0-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2013:1011
    MD5: 0201e348935ab95ce7869a3957ffafd7
SHA-256: 6db797ee5560efce525fdf568cb03394ef85a7b100d459fecb227dfc1abcbd2e
tomcat6-javadoc-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 23ec4b60e8eb4290440055b35200b232
SHA-256: 587cb21c2273ff9e5dd534bfc14de99340ccfec571ada5a46794064dc2e92c14
tomcat6-jsp-2.1-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: db2512939409f1900aa1d7b8417b0904
SHA-256: 68a0d2f312773758a27fe17c4be7e0a57956136161385ea5a4aeb6b7a3bb2c52
tomcat6-lib-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 6558a55cb2c2b12472fcc4b600dba1e5
SHA-256: 3e50eb651567424136326a5f17c1b3d929f19fb5e6356f2b0468a1783abec231
tomcat6-log4j-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: e8353ec96e3db7bade8b56cd0761c2f0
SHA-256: 62b3f46e3f9a9cfa0d016104b00f8dd5e3c6122f3ac31eb5272ce9de7a89a8d4
tomcat6-servlet-2.5-api-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d5c666137da2846cb4079b010bd7b38f
SHA-256: 4994acc27f320efc8b42843ee656a3b850d9fc61feedabc6c48dfe3b95940385
tomcat6-webapps-6.0.35-12_patch_07.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d2b60c12cec6aa52865041d3ca347edd
SHA-256: 3fdd761c07a1bef8a52cc0dafa5321ef6491daa0eb69f3e0dbde9521fdcdffcc
tomcat7-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: f062680e1b7cd258d3d826583f71ab46
SHA-256: 9cbac9555203716d9065a08d02bf3fe56c36d2da14da1a8e5f3fa1bfeded4217
tomcat7-admin-webapps-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d3d875d4368bb4319aafaaf8e94f317c
SHA-256: 5162a234d09bb654fc5afd7119989b12a42b07429645d30a392d39ddaa1a73ef
tomcat7-docs-webapp-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 632ec145700ec41e62e6ad4a978d89b3
SHA-256: f75496749f4f33f825263317407007684c17762657b0a1b8b45b11d9ab90d717
tomcat7-el-1.0-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2013:1011
    MD5: 2c3e2d2627fa1b20906ae70f9540c5b1
SHA-256: a2f684124388e976d46910f9432069d8992968455fc6f80a21db9020a23b7980
tomcat7-javadoc-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 4e09916b394102548409aacdf6d9698e
SHA-256: fd882915c78991e6332eed8f2b357c0216852ac6e846933ef0c967e6adc76677
tomcat7-jsp-2.2-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 53c5dc7f410e6a8c4c2e7f2ec266dd92
SHA-256: 801e7d9378ed5ad07c4c46c43c5da3156c589a4e8deffef1a0c4762554ab162a
tomcat7-lib-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8d2d0d4a4f87f8cc2294c2e800bac8c9
SHA-256: 66b994c43846a79573a3f6677ac55c8bf6c16e6f2cb2fdf9b3d5b1682c2fdec9
tomcat7-log4j-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8a727a56cb0dff618af6f737cd14cd78
SHA-256: b810fde21fcd5e657abf3962bbd569265f0e16572dd4194f37de16f68c531cc1
tomcat7-servlet-3.0-api-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 5b48e36747463f9b99c29675ab0b2e58
SHA-256: 823468c408af7c4db3b9ab3cb8d5833b9894a7722d73ac4210c1e9c6cc5f5ff7
tomcat7-webapps-7.0.30-5_patch_03.ep6.el5.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: a7b16a34efd22c1963a1bba64a5711ef
SHA-256: 61697f41ef03fbed908ddaabe883d0c9f64bb177753d99ec58571151f4061b76
 
JBoss Enterprise Web Server v2 EL6

SRPMS:
tomcat7-7.0.30-7_patch_03.ep6.el6.src.rpm
File outdated by:  RHSA-2015:1622
    MD5: 7dc847a887a4b716f47e54147617751e
SHA-256: 3c61f5aafa3fef26f859a91d95d3ee1735b31f6ec3054f2e1012a4dc3be76ba0
 
IA-32:
tomcat6-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 118bb5c9f72516e017616d9c3c6364df
SHA-256: b96de49b8f86f49a2d8d5036b757bd9f10007f849055adb8354fc3a2590ffe28
tomcat6-admin-webapps-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d59e98dcbf92c5b1153871c8c49ecef0
SHA-256: ee7f3a96abb2a77a133c647cd7d3ef29c301dad5cfbbced55584860cff7a0941
tomcat6-docs-webapp-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: ed31cc21d2a1702cff856a527a076f8c
SHA-256: f44e5f3f3f0a8796a6cb0eb47809bce81e59e53c89f77a1b57b9f8a20bc2d047
tomcat6-el-1.0-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2013:1012
    MD5: 4a2fdc6faa56ed1937fa84db16b614c6
SHA-256: 790a0bbeb4696aea8bbdb86f3f0d6f854cdb88e85cc5f076266ffae00d08149c
tomcat6-javadoc-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 042042023e2dc7a8342ab981a28f285f
SHA-256: 113ef8b4d37ef16a3249da369ebeac050a64573c1f91f868996b7fe93fc40d89
tomcat6-jsp-2.1-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: affa1a80c618809d7bcc351c0f400b3b
SHA-256: 9f3a17922021aa16ea77a71199948d938064a5e0d1c44eb2c067b1f10563cc39
tomcat6-lib-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 7e3b25fcfa21fc9cee4c1082638bbd28
SHA-256: 7240cfab259655168b2fc6c80053e8c4a2f76fddf75b7227f2326a24e00bc5a1
tomcat6-log4j-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c47c0ff17576896d8878aaadb7abe2cc
SHA-256: 78400db75eadaa0d4e33a991ee8037150d8ec2accc2b6dbede23882777dc1f8a
tomcat6-servlet-2.5-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 138fe1c075349387b50f9027b92edd1d
SHA-256: e4aa2d54e94a21a7589aa12587663f53a26de2c318b929d40d9bf619ee63cb93
tomcat6-webapps-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 931dac78b6c24bcd51ff134804d24a8d
SHA-256: 55a83a14c8e55f1fcf067bf16989ce0b6ca211034d4dede96d923fcad20bb400
tomcat7-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 80a680f98f23ff59bf5d9e9ecc8eb98a
SHA-256: fdd0140330e18fd91d721b0fac07fe8ba7c57e37d7c4e99011f8f518ef6b1b85
tomcat7-admin-webapps-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c1561fa977a3d8ec749b69ef21ac557d
SHA-256: 5cc7312c0a8ad01609a4c33244f5ea61de48b8f5b12115d00299141b7b1f8335
tomcat7-docs-webapp-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 85c120b76abe973bf9b0aed4aa4d1078
SHA-256: 05b43334dbd19775d8a540ce5b42364f4e9b69e362b03b8e765b1d497a1689e3
tomcat7-el-1.0-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2013:1012
    MD5: 040cf7beaf8f1820664353a2baa91554
SHA-256: 37658737c5ac5348980b6c0101c9c1acdee8f86b40ec1b3ddeb99d788b1d99bc
tomcat7-javadoc-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: eabab86663b771bcf4cd7f0c8f758936
SHA-256: e285c96dd7c9078af77498030e7b93eb8eb06c83287b7b4a762031635798677d
tomcat7-jsp-2.2-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c0e4e838cba37d93df6ef5cd08271130
SHA-256: 5d46446afd3e1987f68ad77b737386de76d3bc06c4c483bc710f732d3c75e4e5
tomcat7-lib-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 249a8ef2e483e13598976a33e5beadc5
SHA-256: 62524e34bd3f63d9d6ec3522268deb3211d2e83c58150864b3f4b784363f641c
tomcat7-log4j-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: adc06318c251a493cb5e076a93bc8279
SHA-256: 496b53620a1ba079ce5bdb81604be9e7bf2305d25a97c2928fa3da4667e5eb37
tomcat7-servlet-3.0-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 9328e4bdbec1b92cdac8f4ade5015ae3
SHA-256: b48fd3c31479229c6402d1b21984d2b993a40c74dfafe53ec7a06db674c60d13
tomcat7-webapps-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8f27b823fe2e29ef9ca402a394a56aee
SHA-256: 895a892c4eddb104c2c18880c0640da63b46457516d9669e51e5c7795bf3230b
 
x86_64:
tomcat6-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 118bb5c9f72516e017616d9c3c6364df
SHA-256: b96de49b8f86f49a2d8d5036b757bd9f10007f849055adb8354fc3a2590ffe28
tomcat6-admin-webapps-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: d59e98dcbf92c5b1153871c8c49ecef0
SHA-256: ee7f3a96abb2a77a133c647cd7d3ef29c301dad5cfbbced55584860cff7a0941
tomcat6-docs-webapp-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: ed31cc21d2a1702cff856a527a076f8c
SHA-256: f44e5f3f3f0a8796a6cb0eb47809bce81e59e53c89f77a1b57b9f8a20bc2d047
tomcat6-el-1.0-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2013:1012
    MD5: 4a2fdc6faa56ed1937fa84db16b614c6
SHA-256: 790a0bbeb4696aea8bbdb86f3f0d6f854cdb88e85cc5f076266ffae00d08149c
tomcat6-javadoc-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 042042023e2dc7a8342ab981a28f285f
SHA-256: 113ef8b4d37ef16a3249da369ebeac050a64573c1f91f868996b7fe93fc40d89
tomcat6-jsp-2.1-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: affa1a80c618809d7bcc351c0f400b3b
SHA-256: 9f3a17922021aa16ea77a71199948d938064a5e0d1c44eb2c067b1f10563cc39
tomcat6-lib-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 7e3b25fcfa21fc9cee4c1082638bbd28
SHA-256: 7240cfab259655168b2fc6c80053e8c4a2f76fddf75b7227f2326a24e00bc5a1
tomcat6-log4j-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c47c0ff17576896d8878aaadb7abe2cc
SHA-256: 78400db75eadaa0d4e33a991ee8037150d8ec2accc2b6dbede23882777dc1f8a
tomcat6-servlet-2.5-api-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 138fe1c075349387b50f9027b92edd1d
SHA-256: e4aa2d54e94a21a7589aa12587663f53a26de2c318b929d40d9bf619ee63cb93
tomcat6-webapps-6.0.35-33_patch_07.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 931dac78b6c24bcd51ff134804d24a8d
SHA-256: 55a83a14c8e55f1fcf067bf16989ce0b6ca211034d4dede96d923fcad20bb400
tomcat7-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 80a680f98f23ff59bf5d9e9ecc8eb98a
SHA-256: fdd0140330e18fd91d721b0fac07fe8ba7c57e37d7c4e99011f8f518ef6b1b85
tomcat7-admin-webapps-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c1561fa977a3d8ec749b69ef21ac557d
SHA-256: 5cc7312c0a8ad01609a4c33244f5ea61de48b8f5b12115d00299141b7b1f8335
tomcat7-docs-webapp-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 85c120b76abe973bf9b0aed4aa4d1078
SHA-256: 05b43334dbd19775d8a540ce5b42364f4e9b69e362b03b8e765b1d497a1689e3
tomcat7-el-1.0-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2013:1012
    MD5: 040cf7beaf8f1820664353a2baa91554
SHA-256: 37658737c5ac5348980b6c0101c9c1acdee8f86b40ec1b3ddeb99d788b1d99bc
tomcat7-javadoc-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: eabab86663b771bcf4cd7f0c8f758936
SHA-256: e285c96dd7c9078af77498030e7b93eb8eb06c83287b7b4a762031635798677d
tomcat7-jsp-2.2-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: c0e4e838cba37d93df6ef5cd08271130
SHA-256: 5d46446afd3e1987f68ad77b737386de76d3bc06c4c483bc710f732d3c75e4e5
tomcat7-lib-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 249a8ef2e483e13598976a33e5beadc5
SHA-256: 62524e34bd3f63d9d6ec3522268deb3211d2e83c58150864b3f4b784363f641c
tomcat7-log4j-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: adc06318c251a493cb5e076a93bc8279
SHA-256: 496b53620a1ba079ce5bdb81604be9e7bf2305d25a97c2928fa3da4667e5eb37
tomcat7-servlet-3.0-api-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 9328e4bdbec1b92cdac8f4ade5015ae3
SHA-256: b48fd3c31479229c6402d1b21984d2b993a40c74dfafe53ec7a06db674c60d13
tomcat7-webapps-7.0.30-7_patch_03.ep6.el6.noarch.rpm
File outdated by:  RHSA-2015:1622
    MD5: 8f27b823fe2e29ef9ca402a394a56aee
SHA-256: 895a892c4eddb104c2c18880c0640da63b46457516d9669e51e5c7795bf3230b
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

927622 - CVE-2013-1976 tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/