hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Lord (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-4323) HttpFS is using Tomcat 6.0.32 which has numerous vulnerabilities
Date Tue, 18 Dec 2012 19:42:14 GMT
Jeff Lord created HDFS-4323:
-------------------------------

             Summary: HttpFS is using Tomcat 6.0.32 which has numerous vulnerabilities
                 Key: HDFS-4323
                 URL: https://issues.apache.org/jira/browse/HDFS-4323
             Project: Hadoop HDFS
          Issue Type: Bug
    Affects Versions: 2.0.2-alpha
            Reporter: Jeff Lord


Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5064 5.0 Fail 
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5063 5.0 Fail	
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-1184 5.0 Fail	
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5062 5.0 Fail	

Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2204 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2526 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2481 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2729 5.0 Fail 

Apache Tomcat Request Object Information Disclosure (20111001) Medium CVE-2011-3375 5.0 Fail

All of these have been fixed in subsequent release of Tomcat.
http://tomcat.apache.org/security-6.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message