Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 327711 - Security fixes in www-servers/tomcat-6.0.28
Summary: Security fixes in www-servers/tomcat-6.0.28
Status: RESOLVED DUPLICATE of bug 320963
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://tomcat.apache.org/tomcat-6.0-d...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-07-10 18:53 UTC by Petteri Räty (RETIRED)
Modified: 2010-07-10 19:08 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Petteri Räty (RETIRED) gentoo-dev 2010-07-10 18:53:47 UTC 
I just bumped it. Seems it has security fixes (starting from 6.0.27 that we never had):

fix	 Fix CVE-2010-1157. Prevent possible disclosure of host name or IP address via the HTTP WWW-Authenticate header when using BASIC or DIGEST authentication. (markt) 

Ask arches to mark stable?
Comment 1 Petteri Räty (RETIRED) gentoo-dev 2010-07-10 19:08:25 UTC 

*** This bug has been marked as a duplicate of bug 320963 ***