Bug 428269

Summary: CVE-2007-5333 Improve cookie parsing for tomcat5 [rhn_satellite_5.0]
Product: Red Hat Satellite 5 Reporter: Marc Schoenefeld <mschoene>
Component: OtherAssignee: Jesus M. Rodriguez <jesusr>
Status: CLOSED NOTABUG QA Contact: Brandon Perkins <bperkins>
Severity: low Docs Contact:
Priority: low    
Version: 500Keywords: Reopened, Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-04-23 17:56:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 135141, 427766, 429320, 438231    

Description Marc Schoenefeld 2008-01-10 12:48:46 UTC 
rhn_satellite_5.0 tracking bug: see blocks bug list for full details of the security issue(s).

This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.

For the security issues handling process overview see: http://intranet.corp.redhat.com/ic/intranet/SecurityZStreamFAQ

[bug automatically created by: add-tracking-bugs]
Comment 2 wes hayutin 2008-04-07 19:19:34 UTC 
[root@rlx-3-18 RPMS]# ls tomcat5-5.0.30-0jpp_9rh.noarch.rpm 
tomcat5-5.0.30-0jpp_9rh.noarch.rpm
[root@rlx-3-18 RPMS]# pwd
/tmp/mnt/RPMS
[root@rlx-3-18 RPMS]# 

verified
Comment 5 Brandon Perkins 2008-04-07 19:53:33 UTC 
This is not a bug.  The real issue that was talked about is actually:

private bug Bugzilla Bug 430731: CVE-2007-5461 CVE-2007-3385 CVE-2007-3382
CVE-2007-1358 CVE-2007-1355 CVE-2007-2450 CVE-2007-2449 CVE-2007-0450
CVE-2006-7196 CVE-2006-7195 CVE-2006-3835 CVE-2006-0254 CVE-2005-2090
CVE-2005-4838 CVE-2005-3510 tomcat5 various flaws [rhn_satellite_5.0]