613253 – tomcat6-6.0.29 is available

Bug 613253 - tomcat6-6.0.29 is available

Summary: tomcat6-6.0.29 is available

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	tomcat6
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	David Knox
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-07-10 10:51 UTC by Upstream Release Monitoring
Modified:	2015-11-02 00:15 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2011-01-03 16:37:43 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	585369	low	CLOSED	CVE-2010-1157 tomcat: information disclosure in authentication headers [fedora-all]	2021-02-22 00:41:40 UTC
Red Hat Bugzilla	585370	low	CLOSED	CVE-2009-2901 CVE-2009-2902 CVE-2009-2693 CVE-2010-1157 tomcat: multiple vulnerabilities [fedora-all]	2021-02-22 00:41:40 UTC
Red Hat Bugzilla	632314	high	CLOSED	CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header [fedora-all]	2021-02-22 00:41:40 UTC

Internal Links: 585369 585370 632314

Description Upstream Release Monitoring 2010-07-10 10:51:18 UTC

Latest upstream release: 6.0.28
Current version in Fedora Rawhide: 6.0.26
URL: http://www.apache.org/dist/tomcat/tomcat-6/

Please consult the package update guidelines before you issue an update to a stable branch: https://fedoraproject.org/wiki/Package_update_guidelines

More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_Release_Monitoring

Comment 1 Upstream Release Monitoring 2010-07-24 10:23:29 UTC

Latest upstream release: 6.0.29
Current version in Fedora Rawhide: 6.0.26
URL: http://www.apache.org/dist/tomcat/tomcat-6/

Please consult the package update guidelines before you issue an update to a stable branch: https://fedoraproject.org/wiki/Package_update_guidelines

More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_Release_Monitoring

Comment 2 Fedora Admin XMLRPC Client 2010-08-23 17:58:20 UTC

This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 3 Maxim Valyanskiy 2010-09-30 11:18:45 UTC

https://bugzilla.redhat.com/show_bug.cgi?id=638914

Comment 4 Jason Corley 2010-11-04 20:28:28 UTC

6.0.29 actually fixes two CVEs in the current (as of f14) release of the tomcat 6 rpm (CVE-2010-1157 and CVE-2010-2227). the severity should likely be changed to match that of ticket 632314. info here: http://tomcat.apache.org/security-6.html

Comment 5 Alexander Kurtakov 2011-01-03 16:37:43 UTC

http://koji.fedoraproject.org/koji/buildinfo?buildID=212316
Done.

Note You need to log in before you can comment on or make changes to this bug.