networking/daemons

tomcat5 - Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API

Website: http://tomcat.apache.org/
License: Apache Software License
Vendor: Scientific Linux
Description:
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Tomcat is intended to be
a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project. To
learn more about getting involved, click here.

Packages

tomcat5-5.5.23-0jpp.40.el5_9.x86_64 [394 KiB] Changelog by David Knox (2013-05-23):
- Related: CVE-2013-1976 It was found during additional testing
- that the tomcat5 init may fail to start because the user
- shell is set to sbin/nologin. Fixed in init scrip. SU now
- uses -s /bin/sh during startup
tomcat5-5.5.23-0jpp.38.el5_9.x86_64 [394 KiB] Changelog by David Knox (2013-02-21):
- Resolves: CVE-2012-3439 rhbz#882008 three DIGEST authentication
- implementation
- Resolves: CVE-2012-3546, rhbz#913034 Bypass of security constraints.
- Remove unneeded handling of FORM authentication in RealmBase
tomcat5-5.5.23-0jpp.31.el5_8.x86_64 [362 KiB] Changelog by David Knox (2012-03-29):
- Resolves: CVE-2012 regression. Changed patch file.
tomcat5-5.5.23-0jpp.22.el5_7.x86_64 [362 KiB] Changelog by David Knox (2011-11-08):
- Resolves: CVE-2011-0013 rhbz 675931
- Resolves: CVE-2010-3718 rhbz 675931
- Resolves: CVE-2011-1184 rhbz 744983
- Resolves: CVE-2011-2204 rhbz 719181

Listing created by Repoview-0.6.6-1.el6