Posted to dev@tomcat.apache.org by kk...@apache.org on 2011/09/22 20:34:50 UTC

svn commit: r1174306 - in /tomcat/site/trunk: docs/security-7.html xdocs/security-7.xml

Author: kkolinko
Date: Thu Sep 22 18:34:50 2011
New Revision: 1174306

URL: http://svn.apache.org/viewvc?rev=1174306&view=rev
Log:
Simplify the markup

Modified:
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/xdocs/security-7.xml

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1174306&r1=1174305&r2=1174306&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Thu Sep 22 18:34:50 2011
@@ -573,9 +573,7 @@
        constraints configured via annotations were ignored on the first request
        to a Servlet. Subsequent requests were secured correctly.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1100832&amp;view=rev">
-       revision 1100832</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1100832">revision 1100832</a>.</p>
 
     <p>This was identified by the Tomcat security team on 13 April 2011 and
        made public on 17 May 2011.</p>
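Review bot: the query-string order in the regenerated anchors changed from `rev=1100832&amp;view=rev` to `view=rev&amp;rev=1100832`, which shows docs/security-7.html was rebuilt from the new `<revlink>` template rather than hand-edited; that is the right way round, but please confirm the checked-in HTML is exactly the build output of the new xdocs so the generated file and its source do not drift.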
@@ -623,12 +621,10 @@
        user, a mix-up of responses for requests from different users may also be
        possible.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1086349&amp;view=rev">
-       revision 1086349</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1086352&amp;view=rev">
-       revision 1086352</a>. (Note: HTTP pipelined requests are still likely to
-       fail with the HTTP BIO connector but will do so in a secure manner.)</p>
+    <p>This was fixed in revisions <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1086349">1086349</a> and
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1086352">1086352</a>.
+       (Note: HTTP pipelined requests are still likely to fail with the
+       HTTP BIO connector but will do so in a secure manner.)</p>
 
     <p>This was reported publicly on the Tomcat Bugzilla issue tracker on 22 Mar
        2011.</p>
@@ -644,9 +640,7 @@
        were ignored when no login configuration was present in the web.xml and
        the web application was marked as meta-data complete.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1087643&amp;view=rev">
-       revision 1087643</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1087643">revision 1087643</a>.</p>
 
     <p>This was identified by the Tomcat security team on 17 March 2011 and
        made public on 6 April 2011.</p>
@@ -691,15 +685,10 @@
        may not have been protected as expected. This was partially fixed in
        Apache Tomcat 7.0.10 and fully fixed in 7.0.11.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1076586&amp;view=rev">
-       revision 1076586</a>,
-       <a href="http://svn.apache.org/viewvc?rev=1076587&amp;view=rev">
-       revision 1076587</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1077995&amp;view=rev">
-       revision 1077995</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1079752&amp;view=rev">
-       revision 1079752</a>.</p>
+    <p>This was fixed in revisions <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1076586">1076586</a>,
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1076587">1076587</a>,
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1077995">1077995</a> and
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1079752">1079752</a>.</p>
 
     <p>This was reported publicly on the Tomcat users mailing list on 2 Mar
        2011.</p>
@@ -751,9 +740,7 @@
        processing. That behaviour can be used for a denial of service attack
        using a carefully crafted request.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1065939&amp;view=rev">
-       revision 1065939</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1065939">revision 1065939</a>.</p>
 
     <p>This was identified by the Tomcat security team on 27 Jan 2011 and
        made public on 5 Feb 2011.</p>
@@ -798,9 +785,7 @@
        trigger script execution by an administrative user when viewing the
        manager pages.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
-       revision 1057279</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1057279">revision 1057279</a>.</p>
 
     <p>This was identified by the Tomcat security team on 12 Nov 2010 and
        made public on 5 Feb 2011.</p>
@@ -845,9 +830,7 @@
        scripting. The CSRF protection, which is enabled by default, prevents an
        attacker from exploiting this.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1037778&amp;view=rev">
-       revision 1037778</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1037778">revision 1037778</a>.</p>
 
     <p>This was first reported to the Tomcat security team on 15 Nov 2010 and
        made public on 22 Nov 2010.</p>
@@ -901,9 +884,7 @@
        applicable when hosting web applications from untrusted sources such as
        shared hosting environments.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1022134&amp;view=rev">
-       revision 1022134</a>.</p>
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1022134">revision 1022134</a>.</p>
 
     <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
        made public on 5 Feb 2011.</p>
@@ -959,10 +940,8 @@
        behind a reverse proxy (such as Apache httpd 2.2) as the proxy should
        reject the invalid transfer encoding header.</p>
        
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=958911&amp;view=rev">
-       revision 958911</a>.</p>
-       
+    <p>This was fixed in <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=958911">revision 958911</a>.</p>
+
     <p>This was first reported to the Tomcat security team on 14 Jun 2010 and
        made public on 9 Jul 2010.</p>
 
@@ -1009,8 +988,7 @@
     </p>
 
     <p>A work-around for this JVM bug was provided in 
-       <a href="http://svn.apache.org/viewvc?rev=1066244&amp;view=rev">
-       revision 1066244</a>.</p>
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1066244">revision 1066244</a>.</p>
 
     <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
        made public on 31 Jan 2011.</p>
@@ -1048,8 +1026,7 @@
        application.</p>
 
     <p>This was worked-around in
-       <a href="http://svn.apache.org/viewvc?rev=882320&amp;view=rev">
-       revision 891292</a>.</p>
+       <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=882320">revision 891292</a>.</p>
 
   </blockquote>
 </p>
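Review bot: the link target and the visible revision number still disagree in this paragraph, and the change carries the mismatch over unchanged: the href points at `rev=882320` while the text reads `revision 891292`. This is the generated counterpart of the CVE-2009-3555 entry in the xdocs diff below; one of the two numbers is wrong, so please check which revision actually contains the workaround and make the href and the displayed number agree.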

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1174306&r1=1174305&r2=1174306&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Thu Sep 22 18:34:50 2011
@@ -188,16 +188,13 @@
   <section name="Fixed in Apache Tomcat 7.0.14 (released 12 May 2011)">
 
     <p><strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1582"
-       rel="nofollow">CVE-2011-1582</a></p>
+       <cve>CVE-2011-1582</cve></p>
 
     <p>An error in the fixes for CVE-2011-1088/CVE-2011-1183 meant that security
        constraints configured via annotations were ignored on the first request
        to a Servlet. Subsequent requests were secured correctly.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1100832&amp;view=rev">
-       revision 1100832</a>.</p>
+    <p>This was fixed in <revlink rev="1100832">revision 1100832</revlink>.</p>
 
     <p>This was identified by the Tomcat security team on 13 April 2011 and
        made public on 17 May 2011.</p>
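Review bot: the new `<cve>` and `<revlink rev="...">` elements depend on XSL templates that are not part of this change (only the two files listed under Modified are touched). Please confirm the site stylesheet in trunk already defines both templates; the HTML diff above shows the CVE anchors unchanged, so the `<cve>` template appears to reproduce the previous `rel="nofollow"` link, but that is worth stating in the log message or a follow-up so the next editor knows where the expansion lives.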
@@ -209,8 +206,7 @@
   <section name="Fixed in Apache Tomcat 7.0.12 (released 6 Apr 2011)">
 
     <p><strong>Important: Information disclosure</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1475"
-       rel="nofollow">CVE-2011-1475</a></p>
+       <cve>CVE-2011-1475</cve></p>
 
     <p>Changes introduced to the HTTP BIO connector to support Servlet 3.0
        asynchronous requests did not fully account for HTTP pipelining. As a
@@ -220,12 +216,10 @@
        user, a mix-up of responses for requests from different users may also be
        possible.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1086349&amp;view=rev">
-       revision 1086349</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1086352&amp;view=rev">
-       revision 1086352</a>. (Note: HTTP pipelined requests are still likely to
-       fail with the HTTP BIO connector but will do so in a secure manner.)</p>
+    <p>This was fixed in revisions <revlink rev="1086349">1086349</revlink> and
+       <revlink rev="1086352">1086352</revlink>.
+       (Note: HTTP pipelined requests are still likely to fail with the
+       HTTP BIO connector but will do so in a secure manner.)</p>
 
     <p>This was reported publicly on the Tomcat Bugzilla issue tracker on 22 Mar
        2011.</p>
@@ -233,16 +227,13 @@
     <p>Affects: 7.0.0-7.0.11</p>
 
     <p><strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1183"
-       rel="nofollow">CVE-2011-1183</a></p>
+       <cve>CVE-2011-1183</cve></p>
 
     <p>A regression in the fix for CVE-2011-1088 meant that security constraints
        were ignored when no login configuration was present in the web.xml and
        the web application was marked as meta-data complete.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1087643&amp;view=rev">
-       revision 1087643</a>.</p>
+    <p>This was fixed in <revlink rev="1087643">revision 1087643</revlink>.</p>
 
     <p>This was identified by the Tomcat security team on 17 March 2011 and
        made public on 6 April 2011.</p>
@@ -254,23 +245,17 @@
   <section name="Fixed in Apache Tomcat 7.0.11 (released 11 Mar 2011)">
 
     <p><strong>Important: Security constraint bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1088"
-       rel="nofollow">CVE-2011-1088</a></p>
+       <cve>CVE-2011-1088</cve></p>
 
     <p>When a web application was started, <code>ServletSecurity</code>
        annotations were ignored. This meant that some areas of the application
        may not have been protected as expected. This was partially fixed in
        Apache Tomcat 7.0.10 and fully fixed in 7.0.11.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1076586&amp;view=rev">
-       revision 1076586</a>,
-       <a href="http://svn.apache.org/viewvc?rev=1076587&amp;view=rev">
-       revision 1076587</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1077995&amp;view=rev">
-       revision 1077995</a> and
-       <a href="http://svn.apache.org/viewvc?rev=1079752&amp;view=rev">
-       revision 1079752</a>.</p>
+    <p>This was fixed in revisions <revlink rev="1076586">1076586</revlink>,
+       <revlink rev="1076587">1076587</revlink>,
+       <revlink rev="1077995">1077995</revlink> and
+       <revlink rev="1079752">1079752</revlink>.</p>
 
     <p>This was reported publicly on the Tomcat users mailing list on 2 Mar
        2011.</p>
@@ -288,16 +273,13 @@
        affected versions.</i></p>
 
     <p><strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534"
-       rel="nofollow">CVE-2011-0534</a></p>
+       <cve>CVE-2011-0534</cve></p>
 
     <p>The NIO connector expands its buffer endlessly during request line
        processing. That behaviour can be used for a denial of service attack
        using a carefully crafted request.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1065939&amp;view=rev">
-       revision 1065939</a>.</p>
+    <p>This was fixed in <revlink rev="1065939">revision 1065939</revlink>.</p>
 
     <p>This was identified by the Tomcat security team on 27 Jan 2011 and
        made public on 5 Feb 2011.</p>
@@ -309,17 +291,14 @@
   <section name="Fixed in Apache Tomcat 7.0.6 (released 14 Jan 2011)">
   
     <p><strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013"
-       rel="nofollow">CVE-2011-0013</a></p>
+       <cve>CVE-2011-0013</cve></p>
 
     <p>The HTML Manager interface displayed web application provided data, such
        as display names, without filtering. A malicious web application could
        trigger script execution by an administrative user when viewing the
        manager pages.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
-       revision 1057279</a>.</p>
+    <p>This was fixed in <revlink rev="1057279">revision 1057279</revlink>.</p>
 
     <p>This was identified by the Tomcat security team on 12 Nov 2010 and
        made public on 5 Feb 2011.</p>
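Review bot: the severity label in the context line is lowercase `low:` while the other entries in this file use `Important:` (and `moderate:` further down). Since this commit is about simplifying and normalising the markup, consider normalising the capitalisation of the severity labels in the same pass so the generated page is consistent.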
@@ -331,17 +310,14 @@
   <section name="Fixed in Apache Tomcat 7.0.5 (released 1 Dec 2010)">
   
     <p><strong>low: Cross-site scripting</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172"
-       rel="nofollow">CVE-2010-4172</a></p>
+       <cve>CVE-2010-4172</cve></p>
 
     <p>The Manager application used the user provided parameters sort and
        orderBy directly without filtering thereby permitting cross-site
        scripting. The CSRF protection, which is enabled by default, prevents an
        attacker from exploiting this.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1037778&amp;view=rev">
-       revision 1037778</a>.</p>
+    <p>This was fixed in <revlink rev="1037778">revision 1037778</revlink>.</p>
 
     <p>This was first reported to the Tomcat security team on 15 Nov 2010 and
        made public on 22 Nov 2010.</p>
@@ -353,8 +329,7 @@
   <section name="Fixed in Apache Tomcat 7.0.4 (released 21 Oct 2010)">
 
     <p><strong>low: SecurityManager file permission bypass</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718"
-       rel="nofollow">CVE-2010-3718</a></p>
+       <cve>CVE-2010-3718</cve></p>
 
     <p>When running under a SecurityManager, access to the file system is
        limited but web applications are granted read/write permissions to the
@@ -370,9 +345,7 @@
        applicable when hosting web applications from untrusted sources such as
        shared hosting environments.</p>
 
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=1022134&amp;view=rev">
-       revision 1022134</a>.</p>
+    <p>This was fixed in <revlink rev="1022134">revision 1022134</revlink>.</p>
 
     <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
        made public on 5 Feb 2011.</p>
@@ -391,8 +364,7 @@
          
     <p><strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227"
-       rel="nofollow">CVE-2010-2227</a></p>
+       <cve>CVE-2010-2227</cve></p>
 
     <p>Several flaws in the handling of the 'Transfer-Encoding' header were
        found that prevented the recycling of a buffer. A remote attacker could
@@ -401,10 +373,8 @@
        behind a reverse proxy (such as Apache httpd 2.2) as the proxy should
        reject the invalid transfer encoding header.</p>
        
-    <p>This was fixed in
-       <a href="http://svn.apache.org/viewvc?rev=958911&amp;view=rev">
-       revision 958911</a>.</p>
-       
+    <p>This was fixed in <revlink rev="958911">revision 958911</revlink>.</p>
+
     <p>This was first reported to the Tomcat security team on 14 Jun 2010 and
        made public on 9 Jul 2010.</p>
 
@@ -415,8 +385,7 @@
   <section name="Not a vulnerability in Tomcat">
   
     <p><strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476"
-       rel="nofollow">CVE-2010-4476</a></p>
+       <cve>CVE-2010-4476</cve></p>
 
     <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
        form based security constrained page or any page that calls
@@ -426,8 +395,7 @@
     </p>
 
     <p>A work-around for this JVM bug was provided in 
-       <a href="http://svn.apache.org/viewvc?rev=1066244&amp;view=rev">
-       revision 1066244</a>.</p>
+       <revlink rev="1066244">revision 1066244</revlink>.</p>
 
     <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
        made public on 31 Jan 2011.</p>
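Review bot: the unchanged context directly under this hunk says the issue was "first reported to the Tomcat security team on 01 Feb 2011 and made public on 31 Jan 2011", i.e. reported a day after it was public. Since the paragraph above it is being edited anyway, this is a cheap moment to check those two dates, or to reword the sentence to say the bug was already public when it was reported.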
@@ -435,8 +403,7 @@
     <p>Affects: 7.0.0-7.0.6</p>
 
     <p><strong>moderate: TLS SSL Man In The Middle</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"
-       rel="nofollow">CVE-2009-3555</a></p>
+       <cve>CVE-2009-3555</cve></p>
 
     <p>A vulnerability exists in the TLS protocol that allows an attacker to
        inject arbitrary requests into an TLS stream during renegotiation.</p>
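Review bot: the context line reads "inject arbitrary requests into an TLS stream"; the article should be "a TLS stream". Trivial, but worth fixing while this section is being touched.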
@@ -464,8 +431,7 @@
        application.</p>
 
     <p>This was worked-around in
-       <a href="http://svn.apache.org/viewvc?rev=882320&amp;view=rev">
-       revision 891292</a>.</p>
+       <revlink rev="882320">revision 891292</revlink>.</p>
 
   </section>
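Review bot: `<revlink rev="882320">revision 891292</revlink>` keeps the pre-existing mismatch between the linked revision and the displayed number. With the new element the two values now sit side by side, so this is the obvious place to fix it: either `<revlink rev="891292">revision 891292</revlink>` or `<revlink rev="882320">revision 882320</revlink>`, depending on which revision actually carries the CVE-2009-3555 workaround; please verify against the repository log before choosing.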
   


