tomcat6-6.0.24-115.el6_10.noarch
[95 KiB] |
Changelog
by Coty Sutherland (2020-05-28):
- Resolves: CVE-2020-9484 tomcat6: tomcat: Apache Tomcat Remote Code Execution via session persistence
|
tomcat6-6.0.24-114.el6_10.noarch
[95 KiB] |
Changelog
by Coty Sutherland (2020-03-16):
- Related: rhbz#1806803 Update patch to remove secret attribute renaming
|
tomcat6-6.0.24-111.el6_9.noarch
[95 KiB] |
Changelog
by Coty Sutherland (2017-10-12):
- Resolves: rhbz#1498345 CVE-2017-12615 CVE-2017-12617 tomcat6: various flaws
|
tomcat6-6.0.24-105.el6_8.noarch
[94 KiB] |
Changelog
by Coty Sutherland (2017-02-20):
- Related: rhbz#1402664 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters
- Related: rhbz#1402664 CVE-2016-6816 Resolving a security regression (2017-6056) caused by CVE-2016-6816
|
tomcat6-6.0.24-98.el6_8.noarch
[93 KiB] |
Changelog
by Coty Sutherland (2016-08-23):
- Resolves: rhbz#1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1368119
|
tomcat6-6.0.24-94.el6_7.i686
[92 KiB] |
Changelog
by Coty Sutherland (2016-01-28):
- Resolves: rhbz#1293289 CVE-2014-7810 tomcat6 security manager bypass via EL expressions
|
tomcat6-6.0.24-83.el6_6.i686
[90 KiB] |
Changelog
by David Knox (2015-04-13):
- Related: rhbz#1207048 tomcat initscript didn't assign
- RETVAL after killing tomcat process
|
tomcat6-6.0.24-78.el6_5.noarch
[90 KiB] |
Changelog
by David Knox (2014-08-06):
- Related: CVE-2013-4590 - remove xml schema names javaee_5,
- javaee_web_services_1_2, and javaee_web_services_1_2_client
- from descriptor.DigesterFactory initialization. These
- schema definitions are not relevant to 6.0.24 as the version
- of their spec did not exist at the time.
|
tomcat6-6.0.24-72.el6_5.noarch
[89 KiB] |
Changelog
by David Knox (2014-07-07):
- Related: CVE-2014-0075 - rebuild to generate javadoc
- correctly. previous build generated 0-length javadoc
|
tomcat6-6.0.24-64.el6_5.noarch
[88 KiB] |
Changelog
by David Knox (2014-04-10):
- Resolves: CVE-2014-0050
|
tomcat6-6.0.24-57.el6_4.noarch
[88 KiB] |
Changelog
by David Knox (2013-06-13):
- Related: CVE-2013-2067 Session fixation
|
tomcat6-6.0.24-55.el6_4.noarch
[87 KiB] |
Changelog
by David Knox (2013-05-15):
- Related: rhbz#955976 CVE-2013-1976. Changed log location
- so only root can use it. Touching TOMCAT_LOG is no longer
- required
|
tomcat6-6.0.24-52.el6_4.noarch
[87 KiB] |
Changelog
by David Knox (2013-03-01):
- Related: rhbz 882010 rhbz 883692 rhbz 883705
- Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate
- to avoid building on ppc64, ppc, and x390x.
|
tomcat6-6.0.24-36.el6_2.noarch
[85 KiB] |
Changelog
by David Knox (2012-03-29):
- Resolves: CVE-2012-0022 regression. Changes made to patch file.
|
tomcat6-6.0.24-35.el6_1.noarch
[86 KiB] |
Changelog
by David Knox (2011-11-14):
- Resolves: cve-2011-3190
- Resolves: cve-2011-2204
- Resolves: cve-2011-2526
- Resolves: cve-2011-1184
- Resolves: rhbz 748807 - tomcat6 broken when LANG="fr"
|