You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2007/04/26 04:38:37 UTC

svn commit: r532578 - in /tomcat/site/trunk: docs/security-4.html docs/security-5.html docs/security-jk.html xdocs/security-4.xml xdocs/security-5.xml xdocs/security-jk.xml

Author: markt
Date: Wed Apr 25 19:38:37 2007
New Revision: 532578

URL: http://svn.apache.org/viewvc?view=rev&rev=532578
Log:
More security updates.

Modified:
    tomcat/site/trunk/docs/security-4.html
    tomcat/site/trunk/docs/security-5.html
    tomcat/site/trunk/docs/security-jk.html
    tomcat/site/trunk/xdocs/security-4.xml
    tomcat/site/trunk/xdocs/security-5.xml
    tomcat/site/trunk/xdocs/security-jk.xml

Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Wed Apr 25 19:38:37 2007
@@ -393,6 +393,18 @@
     <p>Affects: 4.0.0-4.0.6, 4.1.0-4.1.31</p>
 
     <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
+       CVE-2005-4838</a>
+</p>
+
+    <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
+       are susceptible to a cross-site scripting attack as they do not escape
+       user provided data before including it in the returned page.</p>
+
+    <p>Affects: 4.0.0-4.0.6, 4.1.0-4.1.31</p>
+
+    <p>
 <strong>important: Denial of service</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510">
        CVE-2005-3510</a>

Modified: tomcat/site/trunk/docs/security-5.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Wed Apr 25 19:38:37 2007
@@ -379,8 +379,8 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
-<a name="Fixed in Apache Tomcat 5.5.16">
-<strong>Fixed in Apache Tomcat 5.5.16</strong>
+<a name="Fixed in Apache Tomcat 5.5.16, 5.0.HEAD">
+<strong>Fixed in Apache Tomcat 5.5.16, 5.0.HEAD</strong>
 </a>
 </font>
 </td>
@@ -399,7 +399,7 @@
        susceptible to a cross-site scripting attack as it does not escape
        user provided data before including it in the returned page.</p>
 
-    <p>Affects: 5.0.0-5.0.HEAD, 5.5.0-5.5.15</p>
+    <p>Affects: 5.0.0-5.0.30, 5.5.0-5.5.15</p>
   </blockquote>
 </p>
 </td>
@@ -455,6 +455,41 @@
        for large directories, by caching directory listings.</p>
 
     <p>Affects: 5.0.0-5.5.30, 5.5.0-5.5.12</p>
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 5.5.7, 5.0.HEAD">
+<strong>Fixed in Apache Tomcat 5.5.7, 5.0.HEAD</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+    <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
+       CVE-2005-4838</a>
+</p>
+
+    <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
+       are susceptible to a cross-site scripting attack as they do not escape
+       user provided data before including it in the returned page.</p>
+
+    <p>Affects: 5.0.0-5.0.30, 5.5.0-5.5.6</p>
   </blockquote>
 </p>
 </td>

Modified: tomcat/site/trunk/docs/security-jk.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-jk.html?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/docs/security-jk.html (original)
+++ tomcat/site/trunk/docs/security-jk.html Wed Apr 25 19:38:37 2007
@@ -244,6 +244,45 @@
 </td>
 </tr>
 </table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat JK Connector 1.2.16">
+<strong>Fixed in Apache Tomcat JK Connector 1.2.16</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+    <p>
+<strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7197">
+       CVE-2006-7197</a>
+</p>
+
+    <p>The Tomcat AJP connector contained a bug that sometimes set a too long
+       length for the chunks delivered by send_body_chunks AJP messages. Bugs of
+       this type can cause mod_jk to read beyond buffer boundaries and thus
+       reveal sensitive memory information to a client.</p>
+
+    <p>Affects: JK 1.2.0-1.2.15<br/>
+       Source shipped with: Tomcat 4.0.1-4.0.6, 4.1.0-4.1.32, 5.0.0-5.0.30,
+       5.5.0-5.5.16</p>
+
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
 </td>
 </tr>
 <!--FOOTER SEPARATOR-->

Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Wed Apr 25 19:38:37 2007
@@ -140,6 +140,16 @@
 
     <p>Affects: 4.0.0-4.0.6, 4.1.0-4.1.31</p>
 
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
+       CVE-2005-4838</a></p>
+
+    <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
+       are susceptible to a cross-site scripting attack as they do not escape
+       user provided data before including it in the returned page.</p>
+
+    <p>Affects: 4.0.0-4.0.6, 4.1.0-4.1.31</p>
+
     <p><strong>important: Denial of service</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510">
        CVE-2005-3510</a></p>

Modified: tomcat/site/trunk/xdocs/security-5.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Wed Apr 25 19:38:37 2007
@@ -100,7 +100,7 @@
     <p>Affects: 5.0.0-5.0.30, 5.5.0-5.5.17</p>
   </section>
 
-  <section name="Fixed in Apache Tomcat 5.5.16">
+  <section name="Fixed in Apache Tomcat 5.5.16, 5.0.HEAD">
     <p><strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196">
        CVE-2006-7196</a></p>
@@ -109,7 +109,7 @@
        susceptible to a cross-site scripting attack as it does not escape
        user provided data before including it in the returned page.</p>
 
-    <p>Affects: 5.0.0-5.0.HEAD, 5.5.0-5.5.15</p>
+    <p>Affects: 5.0.0-5.0.30, 5.5.0-5.5.15</p>
   </section>
 
 
@@ -141,6 +141,18 @@
        for large directories, by caching directory listings.</p>
 
     <p>Affects: 5.0.0-5.5.30, 5.5.0-5.5.12</p>
+  </section>
+
+  <section name="Fixed in Apache Tomcat 5.5.7, 5.0.HEAD">
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4838">
+       CVE-2005-4838</a></p>
+
+    <p>Various JSPs included as part of the JSP examples and the Tomcat Manager
+       are susceptible to a cross-site scripting attack as they do not escape
+       user provided data before including it in the returned page.</p>
+
+    <p>Affects: 5.0.0-5.0.30, 5.5.0-5.5.6</p>
   </section>
 
   <section name="Not a vulnerability in Tomcat">

Modified: tomcat/site/trunk/xdocs/security-jk.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-jk.xml?view=diff&rev=532578&r1=532577&r2=532578
==============================================================================
--- tomcat/site/trunk/xdocs/security-jk.xml (original)
+++ tomcat/site/trunk/xdocs/security-jk.xml Wed Apr 25 19:38:37 2007
@@ -37,6 +37,23 @@
        Source shipped with: Tomcat 4.1.34, 5.5.20</p>
 
   </section>
+
+  <section name="Fixed in Apache Tomcat JK Connector 1.2.16">
+    <p><strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7197">
+       CVE-2006-7197</a></p>
+
+    <p>The Tomcat AJP connector contained a bug that sometimes set a too long
+       length for the chunks delivered by send_body_chunks AJP messages. Bugs of
+       this type can cause mod_jk to read beyond buffer boundaries and thus
+       reveal sensitive memory information to a client.</p>
+
+    <p>Affects: JK 1.2.0-1.2.15<br/>
+       Source shipped with: Tomcat 4.0.1-4.0.6, 4.1.0-4.1.32, 5.0.0-5.0.30,
+       5.5.0-5.5.16</p>
+
+  </section>
+
 </body>
 </document>
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org