Bug 783359 (CVE-2012-0022)
Summary: | CVE-2012-0022 tomcat: large number of parameters DoS | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | David Jorm <djorm> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | awnuk, devrim, dknox, dwalluck, extras-orphan, jdennis, mharmsen, mjc, pcheung, sochotni, SpikeFedora, tfonteyn, tromey |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | tomcat5 5.5.35, tomcat6 6.0.35 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-10-03 15:50:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 783725, 783726, 783727, 783728, 783729, 783730, 783731, 783732, 783733, 783734, 783735, 783736, 783737, 783738, 796399 | ||
Bug Blocks: | 783361, 795277, 797038, 803191, 810065, 811419 |
Description
David Jorm
2012-01-20 06:11:14 UTC
As noted in bug #750521, the fixes do overlap with the fixes committed for CVE-2011-4858. Created tomcat6 tracking bugs for this issue Affects: fedora-all [bug 783736] Created tomcat5 tracking bugs for this issue Affects: fedora-all [bug 783735] Relevant upstream commits for Tomcat 5.5.x and 6.0.x listed in bug #750521, comment #34. This issue has been addressed in following products: JBoss Communications Platform 5.1.3 Via RHSA-2012:0078 https://rhn.redhat.com/errata/RHSA-2012-0078.html This issue has been addressed in following products: JBoss Enterprise Web Platform 5.1.2 Via RHSA-2012:0077 https://rhn.redhat.com/errata/RHSA-2012-0077.html This issue has been addressed in following products: JBEWP 5 for RHEL 6 JBEWP 5 for RHEL 4 JBEWP 5 for RHEL 5 Via RHSA-2012:0076 https://rhn.redhat.com/errata/RHSA-2012-0076.html This issue has been addressed in following products: JBoss Enterprise Application Platform 5.1.2 Via RHSA-2012:0075 https://rhn.redhat.com/errata/RHSA-2012-0075.html This issue has been addressed in following products: JBEAP 5 for RHEL 6 JBEAP 5 for RHEL 4 JBEAP 5 for RHEL 5 Via RHSA-2012:0074 https://rhn.redhat.com/errata/RHSA-2012-0074.html This issue has been addressed in following products: JBoss Enterprise BRMS Platform 5.2.0, JBoss Enterprise Portal Platform 5.2.0 and JBoss Enterprise SOA Platform 5.2.0 Via RHSA-2012:0325 https://rhn.redhat.com/errata/RHSA-2012-0325.html This issue has been addressed in following products: JBoss Enterprise Portal Platform 4.3 CP07 Via RHSA-2012:0345 https://rhn.redhat.com/errata/RHSA-2012-0345.html This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0475 https://rhn.redhat.com/errata/RHSA-2012-0475.html This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2012:0474 https://rhn.redhat.com/errata/RHSA-2012-0474.html This issue has been addressed in following products: JBEWS 1.0 for RHEL 5 JBEWS 1.0 for RHEL 6 Via RHSA-2012:0680 https://rhn.redhat.com/errata/RHSA-2012-0680.html This issue has been addressed in following products: JBEWS 1.0 Via RHSA-2012:0679 https://rhn.redhat.com/errata/RHSA-2012-0679.html This issue has been addressed in following products: JBEWS 1.0 Via RHSA-2012:0681 https://rhn.redhat.com/errata/RHSA-2012-0681.html This issue has been addressed in following products: JBEWS 1.0 for RHEL 5 JBEWS 1.0 for RHEL 6 Via RHSA-2012:0682 https://rhn.redhat.com/errata/RHSA-2012-0682.html This issue has been addressed in following products: JBoss Operations Network 3.1.1 Via RHSA-2012:1331 https://rhn.redhat.com/errata/RHSA-2012-1331.html |