Bug 429834 - CVE-2008-0128 tomcat5 SSO cookie login information disclosure [rhn_satellite_4.2]
CVE-2008-0128 tomcat5 SSO cookie login information disclosure [rhn_satellite_...
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Other (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Miroslav Suchý
Preethi Thomas
: Security
Depends On:
Blocks: 135141 CVE-2008-0128 439866
  Show dependency treegraph
Reported: 2008-01-23 06:11 EST by Marc Schoenefeld
Modified: 2008-06-30 14:28 EDT (History)
0 users

See Also:
Fixed In Version: sat423
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-06-30 14:28:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Marc Schoenefeld 2008-01-23 06:11:59 EST
rhn_satellite_4.2 tracking bug: see blocks bug list for full details of the security issue(s).

This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.

For the security issues handling process overview see: http://intranet.corp.redhat.com/ic/intranet/SecurityZStreamFAQ

[bug automatically created by: add-tracking-bugs]
Comment 1 Miroslav Suchý 2008-04-16 07:59:50 EDT
Promoted tomcat5-5.0.30-0jpp_10rh.noarch.rpm from support-satellite-5.0-4AS-java
collection, where we fixed it.
Comment 2 Miroslav Suchý 2008-04-29 08:18:42 EDT
QA push for 4.2.3 complete: satellite-4.2.3-1 and proxy-4.2.3-1 are
now on webqa. Note that there is _no_ ISO planned for the 4.2.3

Developers, please move your bugs ON_QA.
Comment 3 Preethi Thomas 2008-05-09 08:11:29 EDT
tomcat5-5.0.30-0jpp_10rh.noarch.rpm on both rhel3 & rhel4 satellites.
Comment 4 Steve Salevan 2008-06-24 16:22:35 EDT
Verified on Stage 423 RHEL3/4 satellites.  tomcat5-5.0.30-0jpp_10rh package is
available on both.  Moving to RELEASE_PENDING.
Comment 5 Preethi Thomas 2008-06-30 14:28:32 EDT
4.2.3 Satellite is now GA, bugs Closed for Current Release.

Note You need to log in before you can comment on or make changes to this bug.