Back to bug 720948

Who When What Removed Added
Jan Lieskovsky 2011-07-13 10:25:25 UTC CC alee, awnuk, cfu, dknox, jdennis, jmagne, jpazdziora, mharmsen, pcheung
Jan Lieskovsky 2011-07-13 10:26:04 UTC Whiteboard public=20110901,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new public=no,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new
Jan Lieskovsky 2011-07-13 10:49:39 UTC Whiteboard public=no,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new public=no,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new,RHDS3/Platform=new
Jan Lieskovsky 2011-07-13 10:49:47 UTC CC tromey
Jan Lieskovsky 2011-07-13 11:21:18 UTC Blocks 720970
Jan Lieskovsky 2011-07-13 16:25:33 UTC Group security, qe_staff
Summary EMBARGOED CVE-2011-2526 tomcat5, tomcat6: Certain server files exposure and JVM crash via crafted web application running under security manager CVE-2011-2526 tomcat5, tomcat6: Certain server files exposure and JVM crash via crafted web application running under security manager
Whiteboard public=no,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new,RHDS3/Platform=new public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new,RHDS3/Platform=new
Jan Lieskovsky 2011-07-13 16:41:11 UTC Whiteboard public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=new,RHDS3/Platform=new public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new
Jan Lieskovsky 2011-07-13 16:41:43 UTC Whiteboard public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=new,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=affected,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new
Jan Lieskovsky 2011-07-13 16:43:22 UTC Depends On 721086
Jan Lieskovsky 2011-07-13 16:43:30 UTC Depends On 721087
David Knox 2011-07-13 17:29:26 UTC Status NEW ASSIGNED
David Jorm 2011-07-18 05:55:43 UTC Priority medium low
CC djorm
Whiteboard public=20110713,reported=20110712,source=secalert,impact=moderate,cvss2=3.3/AV:L/AC:M/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=affected,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=affected,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new
Severity medium low
David Jorm 2011-07-29 02:22:50 UTC Whiteboard public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=new,certificate_system_7.3/Other=new,rhn_satellite_5.4/Server=new,jbews-1/Red Hat Enterprise Linux 4=new jbews-1/Red Hat Enterprise Linux 5=new,fedora-all/tomcat5=affected,rhel-6/tomcat6=new,fedora-all/tomcat6=affected,RHDS3/Platform=new public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,jbews-1/Red Hat Enterprise Linux 4=defer jbews-1/Red Hat Enterprise Linux 5=defer,fedora-all/tomcat5=affected,rhel-6/tomcat6=defer,fedora-all/tomcat6=affected,RHDS3/Platform=notaffected
Luke Schierer 2011-08-25 17:39:47 UTC CC luke-redhat
David Jorm 2011-09-15 06:13:14 UTC Whiteboard public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,jbews-1/Red Hat Enterprise Linux 4=defer jbews-1/Red Hat Enterprise Linux 5=defer,fedora-all/tomcat5=affected,rhel-6/tomcat6=defer,fedora-all/tomcat6=affected,RHDS3/Platform=notaffected public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,jbews-1-el4/Red Hat Enterprise Linux 4=affected jbews-1-el5/Red Hat Enterprise Linux 5=affected,jbews-1-el6/Red Hat Enterprise Linux 6=affected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,RHDS3/Platform=notaffected
David Jorm 2011-09-15 06:14:37 UTC Depends On 738535
David Jorm 2011-09-15 06:14:47 UTC Depends On 738536
David Jorm 2011-09-15 06:14:57 UTC Depends On 738537
David Jorm 2011-09-15 06:15:12 UTC Depends On 738538
David Jorm 2011-09-15 06:15:25 UTC Depends On 738540
Tomas Hoger 2011-09-16 07:08:15 UTC Whiteboard public=20110713,reported=20110712,source=secalert,impact=low,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,jbews-1-el4/Red Hat Enterprise Linux 4=affected jbews-1-el5/Red Hat Enterprise Linux 5=affected,jbews-1-el6/Red Hat Enterprise Linux 6=affected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,RHDS3/Platform=notaffected impact=low,public=20110713,reported=20110712,source=secalert,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected
Jan Ščotka 2011-09-21 11:39:31 UTC CC jscotka
Flags needinfo?
David Jorm 2011-09-22 07:57:06 UTC Flags needinfo?
Vincent Danen 2011-09-23 03:51:07 UTC CC vdanen
Fixed In Version tomcat 5.5.34, tomcat 6.0.33
Tomas Hoger 2011-09-27 08:03:32 UTC Depends On 738538
Tomas Hoger 2011-09-27 08:03:51 UTC Depends On 738540
Tomas Hoger 2011-09-27 08:05:37 UTC Depends On 738503
Tomas Hoger 2011-09-27 08:06:07 UTC Depends On 738504
Tomas Hoger 2011-09-27 08:23:46 UTC Summary CVE-2011-2526 tomcat5, tomcat6: Certain server files exposure and JVM crash via crafted web application running under security manager CVE-2011-2526 tomcat: security manager restrictions bypass
Tomas Hoger 2011-09-27 08:59:22 UTC Depends On 738535
Tomas Hoger 2011-09-27 09:00:22 UTC Depends On 738536
Tomas Hoger 2011-09-27 09:01:00 UTC Depends On 738537
Tomas Hoger 2011-09-27 09:04:53 UTC Depends On 738505
Tomas Hoger 2011-09-27 09:05:18 UTC Depends On 738506
Tomas Hoger 2011-09-27 09:05:26 UTC Depends On 738507
David Knox 2011-10-31 16:11:10 UTC Status ASSIGNED MODIFIED
Fixed In Version tomcat 5.5.34, tomcat 6.0.33 tomcat5-5.5.23-0jpp.21+
David Knox 2011-10-31 16:11:47 UTC Fixed In Version tomcat5-5.5.23-0jpp.21+
Gary Anderson 2011-12-23 15:19:41 UTC CC gary.p.anderson
David Jorm 2012-02-20 06:03:42 UTC Blocks 795277
hfnukal 2012-03-13 08:56:42 UTC See Also https://bugzilla.redhat.com/show_bug.cgi?id=794382
Tomas Hoger 2012-03-13 09:04:41 UTC Status MODIFIED NEW
David Jorm 2012-04-05 03:22:22 UTC Blocks 810065
Coty Sutherland 2012-05-01 16:43:24 UTC CC csutherl
Ian Springer 2012-05-22 16:13:08 UTC See Also https://bugzilla.redhat.com/show_bug.cgi?id=758931
David Jorm 2012-05-23 01:57:44 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2012-05-22 21:57:44 UTC
Adam Mariš 2015-07-31 14:08:20 UTC CC amaris
Whiteboard impact=low,public=20110713,reported=20110712,source=secalert,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected impact=low,public=20110713,reported=20110712,source=redhat,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected
Adam Mariš 2015-07-31 14:08:33 UTC Whiteboard impact=low,public=20110713,reported=20110712,source=redhat,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected impact=low,public=20110713,reported=20110712,source=customer,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected
Adam Mariš 2016-11-08 16:16:21 UTC CC amaris
Product Security DevOps Team 2019-09-29 12:45:43 UTC Whiteboard impact=low,public=20110713,reported=20110712,source=customer,cvss2=2.6/AV:L/AC:H/Au:N/C:P/I:N/A:P,rhel-5/tomcat5=notaffected,fedora-all/tomcat5=affected,rhel-6/tomcat6=affected,fedora-all/tomcat6=affected,jbews-1/tomcat5=affected,jbews-1/tomcat6=affected,certificate_system_7.3/Other=notaffected,rhn_satellite_5.4/Server=notaffected,RHDS3/Platform=notaffected

Back to bug 720948