tomcat6-6.0.24-24.AXS4
エラータID: AXSA:2011-87:01
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process.
Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.
Security issues fixed with this release:
CVE-2010-4476
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
CVE-2011-0534
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
Update packages.
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
N/A
SRPMS
- tomcat6-6.0.24-24.AXS4.src.rpm
MD5: c98446fd3590152f1555b9c492179590
SHA-256: b146c1d8ce9ea2dc5f949b8570dfad69a57aa811c5ac902b41f4273232b3a7ae
Size: 3.32 MB
Asianux Server 4 for x86
- tomcat6-6.0.24-24.AXS4.noarch.rpm
MD5: 1d97389e7e17470711f5c57ed8ffae52
SHA-256: f3ca4e7049c7fce83efef23794530972c98d3736033053773f31546f348d3b97
Size: 85.57 kB - tomcat6-el-2.1-api-6.0.24-24.AXS4.noarch.rpm
MD5: 62496e4eef79474e9c88dcc28292deab
SHA-256: 70d9149bef24d4b8c4fe719f42c06914dafb0345816aef00b6823ab556bf4d12
Size: 40.71 kB - tomcat6-jsp-2.1-api-6.0.24-24.AXS4.noarch.rpm
MD5: 7ab5a391dcf26df1f5250267586b6369
SHA-256: 2794eb37cb062e97fc7ac232b1449dad5d162ee8febb49373cb6753e4fe3f09c
Size: 77.33 kB - tomcat6-lib-6.0.24-24.AXS4.noarch.rpm
MD5: 954e75fd75a28bf1d3bd95cb0006782d
SHA-256: ec6892bc50dc7d13d3427931de58dd5bac3d072c17393bb28822aeefe2772563
Size: 3.35 MB - tomcat6-servlet-2.5-api-6.0.24-24.AXS4.noarch.rpm
MD5: ccc188811d4f96fc2491b2c045d46e95
SHA-256: 2427721667a1d97631fba0cd70a81506b5557a9bdedb20335651aad1d16bb7c6
Size: 91.61 kB
Asianux Server 4 for x86_64
- tomcat6-6.0.24-24.AXS4.noarch.rpm
MD5: 9d6a71e8417324bbd6f496d45d156c5d
SHA-256: a3dfad3e15ce55997347b80e6f0b9086dd4c167c1cd30e98babf07f815e788ac
Size: 85.09 kB - tomcat6-el-2.1-api-6.0.24-24.AXS4.noarch.rpm
MD5: 334802e8756f016d77af8829860b6da4
SHA-256: bcb57a53271abea448425941e5d20aa8dcdc9d6c5f457d636f4f092ce86eae77
Size: 40.26 kB - tomcat6-jsp-2.1-api-6.0.24-24.AXS4.noarch.rpm
MD5: 5777978ffa655f0822d65b4de03e9e03
SHA-256: 771cdbb9a4ee774a286fc15c68c0c1c70819ac173cae60bfb48e33b8a2b27671
Size: 76.88 kB - tomcat6-lib-6.0.24-24.AXS4.noarch.rpm
MD5: 7b8f3091a0dd443aa4dab0834e62dc47
SHA-256: c71f230cf72ede80700bb93228dd59b13a3a3d618931dcaef83e5f57359c9173
Size: 3.35 MB - tomcat6-servlet-2.5-api-6.0.24-24.AXS4.noarch.rpm
MD5: 7f191d5218adc61e2a5d5254697816e9
SHA-256: e3a2bf805de29ee1770f553e0b1f6129d383a5ac03842daff5d29dae04e5053f
Size: 91.16 kB