ELSA-2007-0327 Important: Enterprise Linux tomcat security update
Description
Enterprise Linux Security Advisory ELSA-2007-0327 https://rhn.redhat.com/errata/RHSA-2007-0327.html The following updated rpms for Enterprise Linux 5 have been uploaded to the Unbreakable Linux Network: i386: jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.i386.rpm jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.i386.rpm tomcat5-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm x86_64: jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.x86_64.rpm jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.x86_64.rpm tomcat5-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm SRPMS: http://oss.oracle.com/el5/SRPMS-updates/jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm http://oss.oracle.com/el5/SRPMS-updates/tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm Description of changes: jakarta-commons-modeler-1.1-8jpp.1.0.2.el5 [1.1-8jpp.1.0.2.el5] - rebuild after the fix for bug 238139 made it into the build root - Resolves: bug 238694 [1.1-8jpp.1.0.1.el5] - Add patch to fix jira task: MODELER-15 to allow tomcat5 5.5.23 to build against j-c-modeler - Resolves: bug 238694 tomcat5-5.5.23-0jpp.1.0.3.el5 [5.5.23-0jpp.1.0.3.el5] - Rebuild since brp-repack-jars has been fixed to not mangle INDEX.LIST files - (bug 238139) - Resolves: bug 237089 [5.5.23-0jpp.1.0.2.el5] - Add catalina.out to the rpm and set explicit permissions; tomcat ownership - Resolves: bug 237089 [5.5.23-0jpp.1.0.1.el5] - Backport 0:5.5.23-0jpp.2.el5 to the Z-stream - Resolves: bug 237089 [5.5.23-0jpp.1] - Merge 0:5.5.17-8jpp.2 with sources/patches from 5.5.23 - Build against jakarta-commons-modeler 1.1 with MODELER-15 patch
Solution(s)
- oracle-linux-upgrade-jakarta-commons-modeler
- oracle-linux-upgrade-jakarta-commons-modeler-javadoc
- oracle-linux-upgrade-tomcat5
- oracle-linux-upgrade-tomcat5-admin-webapps
- oracle-linux-upgrade-tomcat5-common-lib
- oracle-linux-upgrade-tomcat5-jasper
- oracle-linux-upgrade-tomcat5-jasper-javadoc
- oracle-linux-upgrade-tomcat5-jsp-2-0-api
- oracle-linux-upgrade-tomcat5-jsp-2-0-api-javadoc
- oracle-linux-upgrade-tomcat5-server-lib
- oracle-linux-upgrade-tomcat5-servlet-2-4-api
- oracle-linux-upgrade-tomcat5-servlet-2-4-api-javadoc
- oracle-linux-upgrade-tomcat5-webapps
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center