networking/daemons

tomcat6 - Apache Servlet/JSP Engine, RI for Servlet 2.5/JSP 2.1 API

Website: http://tomcat.apache.org/
License: ASL 2.0
Vendor: Scientific Linux
Description:
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

Packages

tomcat6-6.0.24-115.el6_10.noarch [95 KiB] Changelog by Coty Sutherland (2020-05-28):
- Resolves: CVE-2020-9484 tomcat6: tomcat: Apache Tomcat Remote Code Execution via session persistence
tomcat6-6.0.24-114.el6_10.noarch [95 KiB] Changelog by Coty Sutherland (2020-03-16):
- Related: rhbz#1806803 Update patch to remove secret attribute renaming
tomcat6-6.0.24-111.el6_9.noarch [95 KiB] Changelog by Coty Sutherland (2017-10-12):
- Resolves: rhbz#1498345 CVE-2017-12615 CVE-2017-12617 tomcat6: various flaws
tomcat6-6.0.24-105.el6_8.noarch [94 KiB] Changelog by Coty Sutherland (2017-02-20):
- Related: rhbz#1402664 CVE-2016-6816 Adding system property from asfbz-60594 to allow use of some un-encoded characters
- Related: rhbz#1402664 CVE-2016-6816 Resolving a security regression (2017-6056) caused by CVE-2016-6816
tomcat6-6.0.24-98.el6_8.noarch [93 KiB] Changelog by Coty Sutherland (2016-08-23):
- Resolves: rhbz#1362210 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1368119
tomcat6-6.0.24-94.el6_7.x86_64 [91 KiB] Changelog by Coty Sutherland (2016-01-28):
- Resolves: rhbz#1293289 CVE-2014-7810 tomcat6 security manager bypass via EL expressions
tomcat6-6.0.24-83.el6_6.x86_64 [90 KiB] Changelog by David Knox (2015-04-13):
- Related: rhbz#1207048 tomcat initscript didn't assign
- RETVAL after killing tomcat process
tomcat6-6.0.24-78.el6_5.noarch [90 KiB] Changelog by David Knox (2014-08-06):
- Related: CVE-2013-4590  - remove xml schema names javaee_5,
- javaee_web_services_1_2, and javaee_web_services_1_2_client
- from descriptor.DigesterFactory initialization. These
- schema definitions are not relevant to 6.0.24 as the version
- of their spec did not exist at the time.
tomcat6-6.0.24-72.el6_5.noarch [89 KiB] Changelog by David Knox (2014-07-07):
- Related: CVE-2014-0075 - rebuild to generate javadoc
- correctly. previous build generated 0-length javadoc
tomcat6-6.0.24-64.el6_5.noarch [88 KiB] Changelog by David Knox (2014-04-10):
- Resolves: CVE-2014-0050
tomcat6-6.0.24-57.el6_4.noarch [88 KiB] Changelog by David Knox (2013-06-13):
- Related: CVE-2013-2067 Session fixation
tomcat6-6.0.24-55.el6_4.noarch [87 KiB] Changelog by David Knox (2013-05-15):
- Related: rhbz#955976 CVE-2013-1976. Changed log location
- so only root can use it. Touching TOMCAT_LOG is no longer
- required
tomcat6-6.0.24-52.el6_4.noarch [87 KiB] Changelog by David Knox (2013-03-01):
- Related: rhbz 882010 rhbz 883692 rhbz 883705
- Javadoc generation did not work. Using targetrhel-6.4.Z-noarch-candidate
- to avoid building on ppc64, ppc, and x390x.

Listing created by Repoview-0.6.6-4.el7