tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r681699 - in /tomcat/site/trunk: docs/security-4.html docs/security-5.html docs/security-6.html xdocs/security-4.xml xdocs/security-5.xml xdocs/security-6.xml
Date Fri, 01 Aug 2008 14:05:45 GMT
Author: markt
Date: Fri Aug  1 07:05:44 2008
New Revision: 681699

URL: http://svn.apache.org/viewvc?rev=681699&view=rev
Log:
Update security pages.

Modified:
    tomcat/site/trunk/docs/security-4.html
    tomcat/site/trunk/docs/security-5.html
    tomcat/site/trunk/docs/security-6.html
    tomcat/site/trunk/xdocs/security-4.xml
    tomcat/site/trunk/xdocs/security-5.xml
    tomcat/site/trunk/xdocs/security-6.xml

Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Fri Aug  1 07:05:44 2008
@@ -206,7 +206,6 @@
        vulnerabilities in the 4.0.x branch will not be fixed. Users should
        upgrade to 4.1.x, 5.5.x or 6.x to obtain security fixes.</p>
 
-
   </blockquote>
 </p>
 </td>
@@ -298,6 +297,61 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 4.1.SVN">
+<strong>Fixed in Apache Tomcat 4.1.SVN</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+
+    <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a>
+</p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 4.1.0-4.1.37</p>
+
+    <p>
+<strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a>
+</p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 4.1.0-4.1.37</p>
+    
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 4.1.37">
 <strong>Fixed in Apache Tomcat 4.1.37</strong>
 </a>

Modified: tomcat/site/trunk/docs/security-5.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Fri Aug  1 07:05:44 2008
@@ -234,6 +234,22 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a>
+</p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 5.5.0-5.5.26</p>
+
+    <p>
+<strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
        CVE-2008-1947</a>
 </p>
@@ -245,6 +261,21 @@
        have been completed.</p>
 
     <p>Affects: 5.5.9-5.5.26</p>
+    
+    <p>
+<strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a>
+</p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 5.5.0-5.5.26</p>
+    
   </blockquote>
 </p>
 </td>

Modified: tomcat/site/trunk/docs/security-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Fri Aug  1 07:05:44 2008
@@ -216,8 +216,8 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
-<a name="Fixed in Apache Tomcat 6.0.SVN">
-<strong>Fixed in Apache Tomcat 6.0.SVN</strong>
+<a name="Fixed in Apache Tomcat 6.0.18">
+<strong>Fixed in Apache Tomcat 6.0.18</strong>
 </a>
 </font>
 </td>
@@ -228,6 +228,22 @@
 <blockquote>
     <p>
 <strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a>
+</p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 6.0.0-6.0.16</p>
+
+    <p>
+<strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
        CVE-2008-1947</a>
 </p>
@@ -239,6 +255,20 @@
        have been completed.</p>
 
     <p>Affects: 6.0.0-6.0.16</p>
+
+    <p>
+<strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a>
+</p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 6.0.0-6.0.16</p>
   </blockquote>
 </p>
 </td>

Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Fri Aug  1 07:05:44 2008
@@ -24,7 +24,6 @@
        vulnerabilities in the 4.0.x branch will not be fixed. Users should
        upgrade to 4.1.x, 5.5.x or 6.x to obtain security fixes.</p>
 
-
   </section>
 
   <section name="Will not be fixed in Apache Tomcat 4.1.x">
@@ -58,6 +57,36 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 4.1.SVN">
+
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a></p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 4.1.0-4.1.37</p>
+
+    <p><strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a></p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 4.1.0-4.1.37</p>
+    
+  </section>
+
   <section name="Fixed in Apache Tomcat 4.1.37">
     <p><strong>important: Information disclosure</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3164">

Modified: tomcat/site/trunk/xdocs/security-5.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Fri Aug  1 07:05:44 2008
@@ -30,6 +30,20 @@
 
   <section name="Fixed in Apache Tomcat 5.5.SVN">
     <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a></p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 5.5.0-5.5.26</p>
+
+    <p><strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
        CVE-2008-1947</a></p>
 
@@ -40,6 +54,19 @@
        have been completed.</p>
 
     <p>Affects: 5.5.9-5.5.26</p>
+    
+    <p><strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a></p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 5.5.0-5.5.26</p>
+    
   </section>
 
   <section name="Fixed in Apache Tomcat 5.5.26">

Modified: tomcat/site/trunk/xdocs/security-6.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=681699&r1=681698&r2=681699&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Fri Aug  1 07:05:44 2008
@@ -22,7 +22,21 @@
 
   </section>
 
-  <section name="Fixed in Apache Tomcat 6.0.SVN">
+  <section name="Fixed in Apache Tomcat 6.0.18">
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232">
+       CVE-2008-1232</a></p>
+
+    <p>The message argument of HttpServletResponse.sendError() call is not only
+       displayed on the error page, but is also used for the reason-phrase of
+       HTTP response. This may include characters that are illegal in HTTP
+       headers. It is possible for a specially crafted message to result in
+       arbitrary content being injected into the HTTP response. For a successful
+       XSS attack, unfiltered user supplied data must be included in the message
+       argument.</p>
+
+    <p>Affects: 6.0.0-6.0.16</p>
+
     <p><strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947">
        CVE-2008-1947</a></p>
@@ -34,8 +48,21 @@
        have been completed.</p>
 
     <p>Affects: 6.0.0-6.0.16</p>
+
+    <p><strong>important: Information disclosure</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370">
+       CVE-2008-2370</a></p>
+
+    <p>When using a RequestDispatcher the target path was normalised before the 
+	   query string was removed. A request that included a specially crafted 
+       request parameter could be used to access content that would otherwise be 
+	   protected by a security constraint or by locating it in under the WEB-INF 
+       directory.</p>
+
+    <p>Affects: 6.0.0-6.0.16</p>
   </section>
 
+
   <section name="Fixed in Apache Tomcat 6.0.16">
     <p><strong>low: Session hi-jacking</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message