tomcat-dev mailing list archives

From ma...@apache.org
Subject svn commit: r1067369 [1/2] - in /tomcat/site/trunk: docs/ xdocs/
Date Sat, 05 Feb 2011 01:13:24 GMT
Author: markt
Date: Sat Feb  5 01:13:23 2011
New Revision: 1067369

URL: http://svn.apache.org/viewvc?rev=1067369&view=rev
Log:
Update for Tomcat 7.0.8 release
Add additional security info

Modified:
    tomcat/site/trunk/docs/download-70.html
    tomcat/site/trunk/docs/security-5.html
    tomcat/site/trunk/docs/security-6.html
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/docs/whichversion.html
    tomcat/site/trunk/xdocs/download-70.xml
    tomcat/site/trunk/xdocs/security-5.xml
    tomcat/site/trunk/xdocs/security-6.xml
    tomcat/site/trunk/xdocs/security-7.xml
    tomcat/site/trunk/xdocs/whichversion.xml

Modified: tomcat/site/trunk/docs/download-70.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/download-70.html?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/docs/download-70.html (original)
+++ tomcat/site/trunk/docs/download-70.html Sat Feb  5 01:13:23 2011
@@ -227,8 +227,8 @@
 <p>
 <blockquote>
         <a href="http://www.apache.org/dist/tomcat/tomcat-7/KEYS">KEYS</a> |
-        <a href="#7.0.6">7.0.6</a> |
-        <a href="[preferred]tomcat/tomcat-7/v7.0.6">Browse</a> |
+        <a href="#7.0.8">7.0.8</a> |
+        <a href="[preferred]tomcat/tomcat-7/v7.0.8">Browse</a> |
         <a href="http://archive.apache.org/dist/tomcat/tomcat-7">Archives</a>
       </blockquote>
 </p>
@@ -328,8 +328,8 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
-<a name="7.0.6">
-<strong>7.0.6</strong>
+<a name="7.0.8">
+<strong>7.0.8</strong>
 </a>
 </font>
 </td>
@@ -339,8 +339,8 @@
 <p>
 <blockquote>
       <p>
-      <a name="7.0.6">Please</a> see the 
-      <a href="[preferred]tomcat/tomcat-7/v7.0.6/README.html">README</a>
+      <a name="7.0.8">Please</a> see the 
+      <a href="[preferred]tomcat/tomcat-7/v7.0.8/README.html">README</a>
       file for packaging information.  It explains what every distribution contains.
       </p>
 
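Review bot: `name="7.0.8"` is now declared twice in this file, once on the section heading anchor in the preceding hunk and again on `<a name="7.0.8">Please</a>` here; anchor names must be unique within a document, so the second one should be dropped or renamed (for example `7.0.8-readme`). The duplicate already existed for 7.0.6, so the fix belongs in the xdocs/download-70.xml template that is regenerated into this page, not in the HTML.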
@@ -364,95 +364,95 @@
         <li>Core:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip">32-bit Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip">32-bit Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip">64-bit Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip">64-bit Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip">64-bit Itanium Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip">64-bit Itanium Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe">32-bit/64-bit Windows Service Installer</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe">32-bit/64-bit Windows Service Installer</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Full documentation:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Deployer:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip.asc">pgp</a>,  
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip.asc">pgp</a>,  
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Extras:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar">JMX Remote jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar">JMX Remote jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar">Web services jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar">Web services jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar">JULI adapters jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar">JULI adapters jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar">JULI log4j jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar">JULI log4j jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Embedded:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip.md5">md5</a>)
           </li>
           </ul>
         </li>
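Review bot: the only digest published beside each PGP signature in this list is `.md5`; MD5 is no longer collision-resistant, so a downloader who does not verify the `.asc` signature gets little integrity assurance from it. Consider publishing a SHA-1 or SHA-256 digest per artifact as well. The `.asc` and `.md5` links correctly point at `http://www.apache.org/dist/` rather than the `[preferred]` mirror, which is what keeps verification independent of whichever mirror served the archive; keep that split when adding further digests.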
@@ -487,14 +487,14 @@
 <blockquote>
       <ul>
         <li>
-          <a href="[preferred]tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz">tar.gz</a> 
-          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz.asc">pgp</a>, 
-          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz">tar.gz</a> 
+          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz.asc">pgp</a>, 
+          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz.md5">md5</a>)
         </li>
         <li>
-          <a href="[preferred]tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip">zip</a> 
-          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip.asc">pgp</a>, 
-          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip">zip</a> 
+          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip.asc">pgp</a>, 
+          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip.md5">md5</a>)
         </li>
       </ul>
       </blockquote>

Modified: tomcat/site/trunk/docs/security-5.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Sat Feb  5 01:13:23 2011
@@ -201,6 +201,9 @@
 <a href="#Apache_Tomcat_5.x_vulnerabilities">Apache Tomcat 5.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_5.5.32">Fixed in Apache Tomcat 5.5.32</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_5.5.30">Fixed in Apache Tomcat 5.5.30</a>
 </li>
 <li>
@@ -317,6 +320,59 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 5.5.32">
+<!--()-->
+</a>
+<a name="Fixed_in_Apache_Tomcat_5.5.32">
+<strong>Fixed in Apache Tomcat 5.5.32</strong>
+</a>
+</font>
+</td>
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
+<strong>released 1 Feb 2011</strong>
+</font>
+</td>
+</tr>
+<tr>
+<td colspan="2">
+<p>
+<blockquote>
+  
+    <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a>
+</p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
+       revision 1057279</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.31</p>
+
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 5.5.30">
 <!--()-->
 </a>
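Review bot: two typos in the new HTML Manager paragraph: `applciation` should read `application` and `administartive` should read `administrative`; the same paragraph is added to security-6.html in this commit with the same typos. Since this HTML is generated from xdocs/security-5.xml, fix the text there and regenerate rather than patching the output.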
@@ -337,6 +393,35 @@
 <blockquote>
   
     <p>
+<strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a>
+</p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1027610&amp;view=rev">
+       revision 1027610</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.29</p>
+    
+    <p>
 <strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227">
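Review bot: `ServletContect` in the work-directory paragraph should read `ServletContext`. The closing sentence, that the bypass only matters where the SecurityManager is relied on to confine untrusted web applications, is the useful scoping statement for operators and should stay as written.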
@@ -1491,6 +1576,28 @@
 <blockquote>
 
     <p>
+<strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a>
+</p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066318&amp;view=rev">
+       revision 1066318</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.32</p>
+
+    <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
        CVE-2009-3555</a>
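Review bot: this entry carries a placeholder identifier, `CVE-2011-XXXX`, and its dates are inverted: reported to the security team on 01 Feb 2011 but made public on 31 Jan 2011 cannot both be right, so one of them needs correcting before the page is published. `hang JVM when accessing to a form based security constrained page` should read `hang the JVM when accessing a form-based security-constrained page`. Also, `Affects: 5.5.0-5.5.32` includes the release this commit announces, so state explicitly that the revision 1066318 work-around is not in any released 5.5.x build, otherwise readers will assume 5.5.32 contains it.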

Modified: tomcat/site/trunk/docs/security-6.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Sat Feb  5 01:13:23 2011
@@ -3,18 +3,18 @@
 <html>
 <head>
 <title>Apache Tomcat - Apache Tomcat 6 vulnerabilities</title>
-<meta content="Apache Tomcat Project" name="author" />
-<link rel="stylesheet" href="stylesheets/tomcat.css" type="text/css" />
-<link media="print" rel="stylesheet" href="stylesheets/tomcat-printer.css" type="text/css" />
+<meta name="author" content="Apache Tomcat Project"/>
+<link type="text/css" href="stylesheets/tomcat.css" rel="stylesheet"/>
+<link type="text/css" href="stylesheets/tomcat-printer.css" rel="stylesheet" media="print"/>
 </head>
-<body vlink="#525D76" alink="#525D76" link="#525D76" text="#000000" bgcolor="#ffffff">
-<table cellspacing="0" width="100%" border="0">
+<body bgcolor="#ffffff" text="#000000" link="#525D76" alink="#525D76" vlink="#525D76">
+<table border="0" width="100%" cellspacing="0">
 <!--PAGE HEADER-->
 <tr>
 <td>
 <!--PROJECT LOGO-->
 <a href="http://tomcat.apache.org/">
-<img border="0" alt="Tomcat Logo" align="left" src="./images/tomcat.gif" />
+<img src="./images/tomcat.gif" align="left" alt="Tomcat Logo" border="0"/>
 </a>
 </td>
 <td>
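Review bot: this hunk and most of the following ones in security-6.html only reorder attributes and change `<br />` to `<br/>`, which looks like a different serializer run; that churn buries the three substantive changes further down. Consider regenerating with the same tool version used for security-5.html, whose diff contains only content changes, or commit the generator churn separately from the security content.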
@@ -25,28 +25,28 @@
 <td>
 <!--APACHE LOGO-->
 <a href="http://www.apache.org/">
-<img border="0" alt="Apache Logo" align="right" src="http://www.apache.org/images/asf-logo.gif" />
+<img src="http://www.apache.org/images/asf-logo.gif" align="right" alt="Apache Logo" border="0"/>
 </a>
 </td>
 </tr>
 </table>
 <div class="searchbox noPrint">
-<form method="get" action="http://www.google.com/search">
-<input type="hidden" name="sitesearch" value="tomcat.apache.org" />
-<input type="text" id="query" name="q" size="25" value="Search the Site" />
-<input type="submit" value="Search Site" name="Search" />
+<form action="http://www.google.com/search" method="get">
+<input value="tomcat.apache.org" name="sitesearch" type="hidden"/>
+<input value="Search the Site" size="25" name="q" id="query" type="text"/>
+<input name="Search" value="Search Site" type="submit"/>
 </form>
 </div>
-<table cellspacing="4" width="100%" border="0">
+<table border="0" width="100%" cellspacing="4">
 <!--HEADER SEPARATOR-->
 <tr>
 <td colspan="2">
-<hr size="1" noshade="" />
+<hr noshade="" size="1"/>
 </td>
 </tr>
 <tr>
 <!--LEFT SIDE NAVIGATION-->
-<td class="noPrint" nowrap="true" valign="top" width="20%">
+<td width="20%" valign="top" nowrap="true" class="noPrint">
 <p>
 <strong>Apache Tomcat</strong>
 </p>
@@ -178,11 +178,11 @@
 </ul>
 </td>
 <!--RIGHT SIDE MAIN BODY-->
-<td id="mainBody" align="left" valign="top" width="80%">
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<td width="80%" valign="top" align="left" id="mainBody">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Table of Contents">
 <!--()-->
 </a>
@@ -246,14 +246,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 6.x vulnerabilities">
 <!--()-->
 </a>
@@ -288,14 +288,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.32">
 <!--()-->
 </a>
@@ -304,8 +304,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 03 Feb 2011</strong>
 </font>
 </td>
@@ -314,39 +314,33 @@
 <td colspan="2">
 <p>
 <blockquote>
-      <p>
-<strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
-       CVE-2011-XXXX</a>
-</p>
-
-    <p>A wrong logic in JVM could cause Double conversion to hang JVM when
-       accessing to a form based security constrained page.
-       That behaviour can be used for a denial of service attack using
-       a carefully crafted request.
-    </p>
 
-    <p>This was first reported to the Tomcat security team on 02 Feb 2011 and
-       made public on 31 Jan 2011.</p>
-    <p>Affects: 6.0.0-6.0.31</p>
+    <p>
+<i>Note: The issue below was fixed in Apache Tomcat 6.0.31 but the
+       release vote for the 6.0.31 release candidate did not pass. Therefore,
+       although users must download 6.0.32 to obtain a version that includes a
+       fix for this issue, version 6.0.31 is not included in the list of
+       affected versions.</i>
+</p>
 
-      <p>
+    <p>
 <strong>Important: Remote Denial Of Service</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
        CVE-2011-0534</a>
 </p>
 
-      <p>The NIO connector expands its buffer endlessly in request line.
-         That behaviour can be used for a denial of service attack using
-         a carefully crafted request.
-      </p>
+    <p>The NIO connector expands its buffer endlessly during request line
+       processing. That behaviour can be used for a denial of service attack
+       using a carefully crafted request.</p>
 
     <p>This was fixed in
        <a href="http://svn.apache.org/viewvc?rev=1066313&amp;view=rev">
        revision 1066313</a>.</p>
 
-    <p>Affects: 6.0.30</p>
-  
+    <p>This was identified by the Tomcat security team on 27 Feb 2011 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.30</p>
 
   </blockquote>
 </p>
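Review bot: `identified by the Tomcat security team on 27 Feb 2011` is later than both the stated public date (5 Feb 2011) and this commit's date, so it is presumably 27 Jan 2011. The italic note explaining why 6.0.31 is absent from the affected range while 6.0.32 is the first fixed download is exactly what readers need; keep it. Note that the `CVE-2011-XXXX` denial-of-service entry removed from this section still appears on security-5.html in this commit with inverted dates, so check that the 6.x page lists it again (in the second part of this commit) with consistent dates and a real identifier.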
@@ -354,14 +348,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.30">
 <!--()-->
 </a>
@@ -370,8 +364,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 13 Jan 2011</strong>
 </font>
 </td>
@@ -381,7 +375,27 @@
 <p>
 <blockquote>
   
-      <p>
+    <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a>
+</p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057270&amp;view=rev">
+       revision 1057270</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.29</p>
+
+    <p>
 <strong>moderate: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
        CVE-2010-4172</a>
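Review bot: the same typos as in the security-5.html copy of this entry recur here: `applciation` should read `application` and `administartive` should read `administrative`; fixing the shared wording in the xdocs sources and regenerating will correct both pages.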
@@ -399,21 +413,50 @@
        made public on 22 Nov 2010.</p>
 
     <p>Affects: 6.0.12-6.0.29</p>
-  
+
+    <p>
+<strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a>
+</p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1022560&amp;view=rev">
+       revision 1022560</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.29</p>
+    
   </blockquote>
 </p>
 </td>
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.28">
 <!--()-->
 </a>
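Review bot: `ServletContect` should read `ServletContext` here as well, matching the identical entry added to security-5.html in this commit.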
@@ -422,8 +465,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 9 Jul 2010</strong>
 </font>
 </td>
@@ -495,14 +538,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.24">
 <!--()-->
 </a>
@@ -511,8 +554,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 21 Jan 2010</strong>
 </font>
 </td>
@@ -620,14 +663,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.20">
 <!--()-->
 </a>
@@ -636,8 +679,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 3 Jun 2009</strong>
 </font>
 </td>
@@ -767,14 +810,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.18">
 <!--()-->
 </a>
@@ -783,8 +826,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 31 Jul 2008</strong>
 </font>
 </td>
@@ -870,14 +913,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.16">
 <!--()-->
 </a>
@@ -886,8 +929,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 8 Feb 2008</strong>
 </font>
 </td>
@@ -967,14 +1010,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.14">
 <!--()-->
 </a>
@@ -983,8 +1026,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 13 Aug 2007</strong>
 </font>
 </td>
@@ -1064,14 +1107,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.11">
 <!--()-->
 </a>
@@ -1080,8 +1123,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>not released</strong>
 </font>
 </td>
@@ -1127,14 +1170,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.10">
 <!--()-->
 </a>
@@ -1143,8 +1186,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 28 Feb 2007</strong>
 </font>
 </td>
@@ -1191,14 +1234,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.9">
 <!--()-->
 </a>
@@ -1207,8 +1250,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 8 Feb 2007</strong>
 </font>
 </td>
@@ -1235,14 +1278,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 6.0.6">
 <!--()-->
 </a>
@@ -1251,8 +1294,8 @@
 </a>
 </font>
 </td>
-<td bgcolor="#525D76" align="right">
-<font face="arial,helvetica.sanserif" color="#ffffff">
+<td align="right" bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica.sanserif">
 <strong>released 18 Dec 2006</strong>
 </font>
 </td>
@@ -1283,14 +1326,14 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Not a vulnerability in Tomcat">
 <!--()-->
 </a>
@@ -1304,7 +1347,29 @@
 <td>
 <p>
 <blockquote>
-  
+
+    <p>
+<strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a>
+</p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066315&amp;view=rev">
+       revision 1066315</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.31</p>
+
     <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
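Review bot: The new entry in the "Not a vulnerability in Tomcat" section is published with a placeholder identifier, "CVE-2011-XXXX", in both the link target and the visible text, so the cve.mitre.org href resolves to nothing; either fill in the assigned CVE before committing or leave the identifier out until it is assigned. The description also needs a wording pass: "could cause Double conversion to hang JVM when accessing to a form based security constrained page" reads better as "could cause double conversion to hang the JVM when a request reaches a form-based, security-constrained page", and the timeline sentence should make clear which event the 31 Jan 2011 date refers to (the JVM bug becoming public) since it precedes the 01 Feb 2011 report date.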
@@ -1382,7 +1447,7 @@
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
@@ -1391,17 +1456,17 @@
 <!--FOOTER SEPARATOR-->
 <tr>
 <td colspan="2">
-<hr size="1" noshade="" />
+<hr noshade="" size="1"/>
 </td>
 </tr>
 <!--PAGE FOOTER-->
 <tr>
 <td colspan="2">
 <div align="center">
-<font size="-1" color="#525D76">
+<font color="#525D76" size="-1">
 <em>
         Copyright © 1999-2011, The Apache Software Foundation
-        <br />
+        <br/>
         Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat
         project logo are trademarks of the Apache Software Foundation.
         </em>

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Sat Feb  5 01:13:23 2011
@@ -201,9 +201,18 @@
 <a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.8_(released_5_Feb_2011)">Fixed in Apache Tomcat 7.0.8 (released 5 Feb 2011)</a>
+</li>
+<li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.6_(released_14_Jan_2011)">Fixed in Apache Tomcat 7.0.6 (released 14 Jan 2011)</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_7.0.5_(released_1_Dec_2010)">Fixed in Apache Tomcat 7.0.5 (released 1 Dec 2010)</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.4_(released_21_Oct_2010)">Fixed in Apache Tomcat 7.0.4 (released 21 Oct 2010)</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_7.0.2_(released_11_Aug_2010)">Fixed in Apache Tomcat 7.0.2 (released 11 Aug 2010)</a>
 </li>
 <li>
@@ -261,6 +270,109 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 7.0.8 (released 5 Feb 2011)">
+<!--()-->
+</a>
+<a name="Fixed_in_Apache_Tomcat_7.0.8_(released_5_Feb_2011)">
+<strong>Fixed in Apache Tomcat 7.0.8 (released 5 Feb 2011)</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+
+    <p>
+<i>Note: The issue below was fixed in Apache Tomcat 7.0.7 but the
+       release vote for the 7.0.7 release candidate did not pass. Therefore,
+       although users must download 7.0.8 to obtain a version that includes a
+       fix for this issue, version 7.0.7 is not included in the list of
+       affected versions.</i>
+</p>
+
+    <p>
+<strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
+       CVE-2011-0534</a>
+</p>
+
+    <p>The NIO connector expands its buffer endlessly during request line
+       processing. That behaviour can be used for a denial of service attack
+       using a carefully crafted request.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1066313&amp;view=rev">
+       revision 1066313</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 27 Feb 2011 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.6</p>
+
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 7.0.6 (released 14 Jan 2011)">
+<!--()-->
+</a>
+<a name="Fixed_in_Apache_Tomcat_7.0.6_(released_14_Jan_2011)">
+<strong>Fixed in Apache Tomcat 7.0.6 (released 14 Jan 2011)</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+  
+    <p>
+<strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a>
+</p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
+       revision 1057279</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.5</p>
+  
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 7.0.5 (released 1 Dec 2010)">
 <!--()-->
 </a>
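Review bot: The CVE-2011-0534 timeline in the 7.0.8 block says the issue "was identified by the Tomcat security team on 27 Feb 2011 and made public on 5 Feb 2011", but the file header shows this commit is dated 5 Feb 2011, so the identification date cannot be in the future; 27 Jan 2011 is the likely intent and should be confirmed against the security team's records. In the 7.0.6 block, CVE-2011-0013, fix the typos "applciation" (application) and "administartive" (administrative).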
@@ -275,7 +387,7 @@
 <p>
 <blockquote>
   
-      <p>
+    <p>
 <strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
        CVE-2010-4172</a>
@@ -309,6 +421,63 @@
 <tr>
 <td bgcolor="#525D76">
 <font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 7.0.4 (released 21 Oct 2010)">
+<!--()-->
+</a>
+<a name="Fixed_in_Apache_Tomcat_7.0.4_(released_21_Oct_2010)">
+<strong>Fixed in Apache Tomcat 7.0.4 (released 21 Oct 2010)</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+
+    <p>
+<strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a>
+</p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1022134&amp;view=rev">
+       revision 1022134</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.3</p>
+  
+  </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Fixed in Apache Tomcat 7.0.2 (released 11 Aug 2010)">
 <!--()-->
 </a>
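Review bot: In the CVE-2010-3718 description, "ServletContect attribute" should read "ServletContext attribute"; since the attribute name is the thing a reader would search for when checking their own deployment, the misspelling is worth correcting before publication.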
@@ -383,6 +552,28 @@
 <blockquote>
   
     <p>
+<strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a>
+</p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066244&amp;view=rev">
+       revision 1066244</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.31</p>
+
+    <p>
 <strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
        CVE-2009-3555</a>
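Review bot: This hunk adds the JVM double-conversion entry to security-7.html with "Affects: 6.0.0-6.0.31", which is the Tomcat 6 range carried over from security-6.html; the 7.x page needs the 7.x affected range (not present in this patch), or readers of the Tomcat 7 page will conclude their version is not affected. The same placeholder "CVE-2011-XXXX" appears here in both the href and the text, and the same "accessing to a" wording fix applies.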

Modified: tomcat/site/trunk/docs/whichversion.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/whichversion.html?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/docs/whichversion.html (original)
+++ tomcat/site/trunk/docs/whichversion.html Sat Feb  5 01:13:23 2011
@@ -3,19 +3,19 @@
 <html>
 <head>
 <title>Apache Tomcat - Which Version Do I Want?</title>
-<meta content="Marc A. Saegesser" name="author" />
-<meta content="Yoav Shapira" name="author" />
-<link rel="stylesheet" href="stylesheets/tomcat.css" type="text/css" />
-<link media="print" rel="stylesheet" href="stylesheets/tomcat-printer.css" type="text/css" />
+<meta name="author" content="Marc A. Saegesser"/>
+<meta name="author" content="Yoav Shapira"/>
+<link type="text/css" href="stylesheets/tomcat.css" rel="stylesheet"/>
+<link type="text/css" href="stylesheets/tomcat-printer.css" rel="stylesheet" media="print"/>
 </head>
-<body vlink="#525D76" alink="#525D76" link="#525D76" text="#000000" bgcolor="#ffffff">
-<table cellspacing="0" width="100%" border="0">
+<body bgcolor="#ffffff" text="#000000" link="#525D76" alink="#525D76" vlink="#525D76">
+<table border="0" width="100%" cellspacing="0">
 <!--PAGE HEADER-->
 <tr>
 <td>
 <!--PROJECT LOGO-->
 <a href="http://tomcat.apache.org/">
-<img border="0" alt="Tomcat Logo" align="left" src="./images/tomcat.gif" />
+<img src="./images/tomcat.gif" align="left" alt="Tomcat Logo" border="0"/>
 </a>
 </td>
 <td>
@@ -26,28 +26,28 @@
 <td>
 <!--APACHE LOGO-->
 <a href="http://www.apache.org/">
-<img border="0" alt="Apache Logo" align="right" src="http://www.apache.org/images/asf-logo.gif" />
+<img src="http://www.apache.org/images/asf-logo.gif" align="right" alt="Apache Logo" border="0"/>
 </a>
 </td>
 </tr>
 </table>
 <div class="searchbox noPrint">
-<form method="get" action="http://www.google.com/search">
-<input type="hidden" name="sitesearch" value="tomcat.apache.org" />
-<input type="text" id="query" name="q" size="25" value="Search the Site" />
-<input type="submit" value="Search Site" name="Search" />
+<form action="http://www.google.com/search" method="get">
+<input value="tomcat.apache.org" name="sitesearch" type="hidden"/>
+<input value="Search the Site" size="25" name="q" id="query" type="text"/>
+<input name="Search" value="Search Site" type="submit"/>
 </form>
 </div>
-<table cellspacing="4" width="100%" border="0">
+<table border="0" width="100%" cellspacing="4">
 <!--HEADER SEPARATOR-->
 <tr>
 <td colspan="2">
-<hr size="1" noshade="" />
+<hr noshade="" size="1"/>
 </td>
 </tr>
 <tr>
 <!--LEFT SIDE NAVIGATION-->
-<td class="noPrint" nowrap="true" valign="top" width="20%">
+<td width="20%" valign="top" nowrap="true" class="noPrint">
 <p>
 <strong>Apache Tomcat</strong>
 </p>
@@ -179,11 +179,11 @@
 </ul>
 </td>
 <!--RIGHT SIDE MAIN BODY-->
-<td id="mainBody" align="left" valign="top" width="80%">
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<td width="80%" valign="top" align="left" id="mainBody">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat Versions">
 <!--()-->
 </a>
@@ -206,100 +206,100 @@ mapping between the specifications and t
 <table class="detail-table">
 
 <tr>
-  <td valign="top" bgcolor="#039acc">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">
+  <td bgcolor="#039acc" valign="top">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">
 <strong>Servlet/JSP Spec</strong>
 </font>
 </td>
-  <td valign="top" bgcolor="#039acc">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">
+  <td bgcolor="#039acc" valign="top">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">
 <strong>Apache Tomcat version</strong>
 </font>
 </td>
-  <td valign="top" bgcolor="#039acc">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">
+  <td bgcolor="#039acc" valign="top">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">
 <strong>Actual release revision</strong>
 </font>
 </td>
-  <td valign="top" bgcolor="#039acc">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">
+  <td bgcolor="#039acc" valign="top">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">
 <strong>Minimum Java Version</strong>
 </font>
 </td>
 </tr>
 
 <tr>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">3.0/2.2</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">3.0/2.2</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">7.0.x</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">7.0.x</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">7.0.6</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">7.0.8</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">1.6</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">1.6</font>
 </td>
 </tr>
 
 <tr>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">2.5/2.1</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">2.5/2.1</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">6.0.x</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">6.0.x</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">6.0.32</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">6.0.32</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">1.5</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">1.5</font>
 </td>
 </tr>
 
 <tr>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">2.4/2.0</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">2.4/2.0</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">5.5.x</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">5.5.x</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">5.5.32</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">5.5.32</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">1.4</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">1.4</font>
 </td>
 </tr>
 
 <tr>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">2.3/1.2</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">2.3/1.2</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">4.1.x (archived)</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">4.1.x (archived)</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">4.1.40 (archived)</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">4.1.40 (archived)</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">1.3</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">1.3</font>
 </td>
 </tr>
 
 <tr>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">2.2/1.1</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">2.2/1.1</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">3.3.x (archived)</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">3.3.x (archived)</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">3.3.2 (archived)</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">3.3.2 (archived)</font>
 </td>
-  <td align="left" valign="top" bgcolor="#a0ddf0">
-<font face="arial,helvetica,sanserif" size="-1" color="#000000">1.1</font>
+  <td bgcolor="#a0ddf0" valign="top" align="left">
+<font color="#000000" size="-1" face="arial,helvetica,sanserif">1.1</font>
 </td>
 </tr>
 
@@ -324,14 +324,14 @@ be interested or able to support you.
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Alpha / Beta / Stable">
 <!--()-->
 </a>
@@ -380,14 +380,14 @@ stably for extended periods of time.</p>
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 7.x">
 <!--()-->
 </a>
@@ -423,14 +423,14 @@ following improvements:
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 6.x">
 <!--()-->
 </a>
@@ -463,14 +463,14 @@ following improvements:
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 5.x">
 <!--()-->
 </a>
@@ -518,14 +518,14 @@ it in production</li>
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 4.x">
 <!--()-->
 </a>
@@ -581,14 +581,14 @@ specifications with no changes.</p>
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
-<table width="100%" cellpadding="2" cellspacing="0" border="0">
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
 <tr>
 <td bgcolor="#525D76">
-<font face="arial,helvetica,sanserif" color="#ffffff">
+<font color="#ffffff" face="arial,helvetica,sanserif">
 <a name="Apache Tomcat 3.x">
 <!--()-->
 </a>
@@ -662,7 +662,7 @@ strongly encouraged to migrate to the cu
 </tr>
 <tr>
 <td>
-<br />
+<br/>
 </td>
 </tr>
 </table>
@@ -671,17 +671,17 @@ strongly encouraged to migrate to the cu
 <!--FOOTER SEPARATOR-->
 <tr>
 <td colspan="2">
-<hr size="1" noshade="" />
+<hr noshade="" size="1"/>
 </td>
 </tr>
 <!--PAGE FOOTER-->
 <tr>
 <td colspan="2">
 <div align="center">
-<font size="-1" color="#525D76">
+<font color="#525D76" size="-1">
 <em>
         Copyright © 1999-2011, The Apache Software Foundation
-        <br />
+        <br/>
         Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat
         project logo are trademarks of the Apache Software Foundation.
         </em>

Modified: tomcat/site/trunk/xdocs/download-70.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/download-70.xml?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/download-70.xml (original)
+++ tomcat/site/trunk/xdocs/download-70.xml Sat Feb  5 01:13:23 2011
@@ -15,8 +15,8 @@
       <!-- Begin quick navigation section -->
       <section name="Quick Navigation">
         <a href="http://www.apache.org/dist/tomcat/tomcat-7/KEYS">KEYS</a> |
-        <a href="#7.0.6">7.0.6</a> |
-        <a href="[preferred]tomcat/tomcat-7/v7.0.6">Browse</a> |
+        <a href="#7.0.8">7.0.8</a> |
+        <a href="[preferred]tomcat/tomcat-7/v7.0.8">Browse</a> |
         <a href="http://archive.apache.org/dist/tomcat/tomcat-7">Archives</a>
       </section>
       <!-- End quick navigation section -->
@@ -56,11 +56,11 @@
   </section>
   <!-- End mirrors section -->
 
-      <!-- Begin 7.0.6 section -->
-      <section name="7.0.6">
+      <!-- Begin 7.0.8 section -->
+      <section name="7.0.8">
       <p>
-      <a name="7.0.6">Please</a> see the 
-      <a href="[preferred]tomcat/tomcat-7/v7.0.6/README.html">README</a>
+      <a name="7.0.8">Please</a> see the 
+      <a href="[preferred]tomcat/tomcat-7/v7.0.8/README.html">README</a>
       file for packaging information.  It explains what every distribution contains.
       </p>
 
@@ -69,121 +69,121 @@
         <li>Core:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.tar.gz.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip">32-bit Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x86.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip">32-bit Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x86.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip">64-bit Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-x64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip">64-bit Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-x64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip">64-bit Itanium Windows zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-windows-i64.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip">64-bit Itanium Windows zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-windows-i64.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe">32-bit/64-bit Windows Service Installer</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6.exe.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe">32-bit/64-bit Windows Service Installer</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8.exe.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Full documentation:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-fulldocs.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-fulldocs.tar.gz.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Deployer:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip.asc">pgp</a>,  
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip.asc">pgp</a>,  
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.zip.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/apache-tomcat-7.0.6-deployer.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/apache-tomcat-7.0.8-deployer.tar.gz.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Extras:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar">JMX Remote jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-jmx-remote.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar">JMX Remote jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-jmx-remote.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar">Web services jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/catalina-ws.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar">Web services jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/catalina-ws.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar">JULI adapters jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli-adapters.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar">JULI adapters jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli-adapters.jar.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar">JULI log4j jar</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/extras/tomcat-juli.jar.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar">JULI log4j jar</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/extras/tomcat-juli.jar.md5">md5</a>)
           </li>
           </ul>
         </li>
         <li>Embedded:
           <ul>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz">tar.gz</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.tar.gz.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz">tar.gz</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.tar.gz.md5">md5</a>)
           </li>
           <li>
-            <a href="[preferred]tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip">zip</a> 
-            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip.asc">pgp</a>, 
-            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/bin/embed/apache-tomcat-7.0.6-embed.zip.md5">md5</a>)
+            <a href="[preferred]tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip">zip</a> 
+            (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip.asc">pgp</a>, 
+            <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/bin/embed/apache-tomcat-7.0.8-embed.zip.md5">md5</a>)
           </li>
           </ul>
         </li>
       </ul>
       </subsection>
-      <!-- End of 7.0.6 binary section -->
+      <!-- End of 7.0.8 binary section -->
  
-      <!-- Begin 7.0.6 source section -->
+      <!-- Begin 7.0.8 source section -->
       <subsection name="Source Code Distributions">
       <ul>
         <li>
-          <a href="[preferred]tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz">tar.gz</a> 
-          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz.asc">pgp</a>, 
-          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.tar.gz.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz">tar.gz</a> 
+          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz.asc">pgp</a>, 
+          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.tar.gz.md5">md5</a>)
         </li>
         <li>
-          <a href="[preferred]tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip">zip</a> 
-          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip.asc">pgp</a>, 
-          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.6/src/apache-tomcat-7.0.6-src.zip.md5">md5</a>)
+          <a href="[preferred]tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip">zip</a> 
+          (<a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip.asc">pgp</a>, 
+          <a href="http://www.apache.org/dist/tomcat/tomcat-7/v7.0.8/src/apache-tomcat-7.0.8-src.zip.md5">md5</a>)
         </li>
       </ul>
       </subsection>
-      <!-- End 7.0.6 source section -->
+      <!-- End 7.0.8 source section -->
 
     </section>
-    <!-- End 7.0.6 section -->
+    <!-- End 7.0.8 section -->
 
 </body>
 </document>
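Review bot: every artifact link in this hunk is paired with a pgp (.asc) link and an md5 link on www.apache.org; md5 is not collision resistant, so the checksum only guards against transfer corruption while the signature is the check that actually authenticates the download. Consider documenting the .asc signature as the primary verification step and adding a SHA-2 checksum alongside the md5.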

Modified: tomcat/site/trunk/xdocs/security-5.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Sat Feb  5 01:13:23 2011
@@ -46,8 +46,57 @@
   </section>
  -->
 
+  <section name="Fixed in Apache Tomcat 5.5.32" rtext="released 1 Feb 2011">
+  
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a></p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
+       revision 1057279</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.31</p>
+
+  </section>
+
   <section name="Fixed in Apache Tomcat 5.5.30" rtext="released 9 Jul 2010">
   
+    <p><strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a></p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1027610&amp;view=rev">
+       revision 1027610</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.29</p>
+    
     <p><strong>Important: Remote Denial Of Service and Information Disclosure
        Vulnerability</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227">
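Review bot: the CVE-2010-3718 entry is placed in the "Fixed in Apache Tomcat 5.5.30" section (released 9 Jul 2010) with "Affects: 5.5.0-5.5.29", yet it cites revision 1027610 and a discovery date of 12 Oct 2010, both after that release; either the fix shipped in 5.5.32 and the entry belongs in the new 5.5.32 section above with "Affects: 5.5.0-5.5.31", or the revision and dates are wrong. Also fix the typos "applciation", "administartive" and "ServletContect" (ServletContext) before this is published.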
@@ -660,6 +709,26 @@
 
   <section name="Not a vulnerability in Tomcat">
 
+    <p><strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a></p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066318&amp;view=rev">
+       revision 1066318</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 5.5.0-5.5.32</p>
+
     <p><strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
        CVE-2009-3555</a></p>
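Review bot: the timeline "first reported to the Tomcat security team on 01 Feb 2011 and made public on 31 Jan 2011" has the issue public before it was reported; one of the two dates is wrong. "CVE-2011-XXXX" is a placeholder in both the href and the link text and must be replaced with the assigned identifier before publication. Minor grammar: "hang JVM when accessing to a" should read "hang the JVM when accessing a".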

Modified: tomcat/site/trunk/xdocs/security-6.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Sat Feb  5 01:13:23 2011
@@ -31,41 +31,53 @@
   </section>
 
   <section name="Fixed in Apache Tomcat 6.0.32" rtext="released 03 Feb 2011">
-      <p><strong>Important: Remote Denial Of Service</strong>
-       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
-       CVE-2011-XXXX</a></p>
 
-    <p>A wrong logic in JVM could cause Double conversion to hang JVM when
-       accessing to a form based security constrained page.
-       That behaviour can be used for a denial of service attack using
-       a carefully crafted request.
-    </p>
-
-    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
-       made public on 31 Jan 2011.</p>
-    <p>Affects: 6.0.0-6.0.31</p>
+    <p><i>Note: The issue below was fixed in Apache Tomcat 6.0.31 but the
+       release vote for the 6.0.31 release candidate did not pass. Therefore,
+       although users must download 6.0.32 to obtain a version that includes a
+       fix for this issue, version 6.0.31 is not included in the list of
+       affected versions.</i></p>
 
-      <p><strong>Important: Remote Denial Of Service</strong>
+    <p><strong>Important: Remote Denial Of Service</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
        CVE-2011-0534</a></p>
 
-      <p>The NIO connector expands its buffer endlessly in request line.
-         That behaviour can be used for a denial of service attack using
-         a carefully crafted request.
-      </p>
+    <p>The NIO connector expands its buffer endlessly during request line
+       processing. That behaviour can be used for a denial of service attack
+       using a carefully crafted request.</p>
 
     <p>This was fixed in
        <a href="http://svn.apache.org/viewvc?rev=1066313&amp;view=rev">
        revision 1066313</a>.</p>
 
-    <p>Affects: 6.0.30</p>
-  
+    <p>This was identified by the Tomcat security team on 27 Feb 2011 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.30</p>
 
   </section>
 
   <section name="Fixed in Apache Tomcat 6.0.30" rtext="released 13 Jan 2011">
   
-      <p><strong>moderate: Cross-site scripting</strong>
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a></p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057270&amp;view=rev">
+       revision 1057270</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.29</p>
+
+    <p><strong>moderate: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
        CVE-2010-4172</a></p>
 
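Review bot: "identified by the Tomcat security team on 27 Feb 2011" postdates the "made public on 5 Feb 2011" date on the following line, so the month is wrong (presumably 27 Jan 2011). The new CVE-2011-0013 paragraph repeats the "applciation" and "administartive" typos from security-5.xml. The "Affects: 6.0.0-6.0.30" range matches the note about the failed 6.0.31 vote; keep the other 6.0.x entries in this commit consistent with it.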
@@ -81,7 +93,34 @@
        made public on 22 Nov 2010.</p>
 
     <p>Affects: 6.0.12-6.0.29</p>
-  
+
+    <p><strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a></p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1022560&amp;view=rev">
+       revision 1022560</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.29</p>
+    
   </section>
 
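Review bot: "ServletContect" should be "ServletContext" in the CVE-2010-3718 paragraph; the same paragraph is pasted verbatim into security-5.xml and security-7.xml in this commit, so fix it in all three. The placement here is internally consistent (discovered 12 Oct 2010, fixed in revision 1022560, section released 13 Jan 2011, "Affects: 6.0.0-6.0.29").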
   <section name="Fixed in Apache Tomcat 6.0.28" rtext="released 9 Jul 2010">
@@ -607,7 +646,27 @@
   </section>
 
   <section name="Not a vulnerability in Tomcat">
-  
+
+    <p><strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a></p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066315&amp;view=rev">
+       revision 1066315</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.31</p>
+
     <p><strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
        CVE-2009-3555</a></p>
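Review bot: "Affects: 6.0.0-6.0.31" includes 6.0.31, but the note added to the 6.0.32 section of this same file says the 6.0.31 release vote failed and that 6.0.31 is excluded from affected-version lists; use 6.0.0-6.0.30 for consistency. The CVE-2011-XXXX placeholder and the 01 Feb / 31 Jan date inversion from security-5.xml recur here and need the same fixes.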

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1067369&r1=1067368&r2=1067369&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Sat Feb  5 01:13:23 2011
@@ -25,9 +25,58 @@
        <a href="mailto:security@tomcat.apache.org">Tomcat Security Team</a>.</p>
   </section>
 
+  <section name="Fixed in Apache Tomcat 7.0.8 (released 5 Feb 2011)">
+
+    <p><i>Note: The issue below was fixed in Apache Tomcat 7.0.7 but the
+       release vote for the 7.0.7 release candidate did not pass. Therefore,
+       although users must download 7.0.8 to obtain a version that includes a
+       fix for this issue, version 7.0.7 is not included in the list of
+       affected versions.</i></p>
+
+    <p><strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534">
+       CVE-2011-0534</a></p>
+
+    <p>The NIO connector expands its buffer endlessly during request line
+       processing. That behaviour can be used for a denial of service attack
+       using a carefully crafted request.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1066313&amp;view=rev">
+       revision 1066313</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 27 Feb 2011 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.6</p>
+
+  </section>
+
+  <section name="Fixed in Apache Tomcat 7.0.6 (released 14 Jan 2011)">
+  
+    <p><strong>low: Cross-site scripting</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013">
+       CVE-2011-0013</a></p>
+
+    <p>The HTML Manager interface displayed web applciation provided data, such
+       as display names, without filtering. A malicious web application could
+       trigger script execution by an administartive user when viewing the
+       manager pages.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1057279&amp;view=rev">
+       revision 1057279</a>.</p>
+
+    <p>This was identified by the Tomcat security team on 12 Nov 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.5</p>
+  
+  </section>
+
   <section name="Fixed in Apache Tomcat 7.0.5 (released 1 Dec 2010)">
   
-      <p><strong>low: Cross-site scripting</strong>
+    <p><strong>low: Cross-site scripting</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172">
        CVE-2010-4172</a></p>
 
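Review bot: "27 Feb 2011" again postdates the "made public on 5 Feb 2011" line that follows it. The CVE-2011-0013 entry cites revision 1057279, the same revision the 5.5.x entry in security-5.xml cites, while security-6.xml cites 1057270; confirm which revision fixed which branch, since a copy-paste of the wrong number is likely. Typos "applciation" and "administartive" recur in this paragraph as well.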
@@ -47,6 +96,37 @@
   
   </section>
 
+  <section name="Fixed in Apache Tomcat 7.0.4 (released 21 Oct 2010)">
+
+    <p><strong>low: SecurityManager file permission bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718">
+       CVE-2010-3718</a></p>
+
+    <p>When running under a SecurityManager, access to the file system is
+       limited but web applications are granted read/write permissions to the
+       work directory. This directory is used for a variety of temporary files
+       such as the intermediate files generated when compiling JSPs to Servlets.
+       The location of the work directory is specified by a ServletContect
+       attribute that is meant to be read-only to web applications. However,
+       due to a coding error, the read-only setting was not applied. Therefore,
+       a malicious web application may modify the attribute before Tomcat
+       applies the file permissions. This can be used to grant read/write
+       permissions to any area on the file system which a malicious web
+       application may then take advantage of. This vulnerability is only
+       applicable when hosting web applications from untrusted sources such as
+       shared hosting environments.</p>
+
+    <p>This was fixed in
+       <a href="http://svn.apache.org/viewvc?rev=1022134&amp;view=rev">
+       revision 1022134</a>.</p>
+
+    <p>This was discovered by the Tomcat security team on 12 Oct 2010 and
+       made public on 5 Feb 2011.</p>
+
+    <p>Affects: 7.0.0-7.0.3</p>
+  
+  </section>
+
   <section name="Fixed in Apache Tomcat 7.0.2 (released 11 Aug 2010)">
   
     <p><i>Note: The issue below was fixed in Apache Tomcat 7.0.1 but the
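Review bot: "ServletContect" should be "ServletContext" in the new 7.0.4 section. Otherwise the entry is internally consistent: discovered 12 Oct 2010, fixed in revision 1022134 before the 21 Oct 2010 release, "Affects: 7.0.0-7.0.3".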
@@ -80,6 +160,26 @@
 
   <section name="Not a vulnerability in Tomcat">
   
+    <p><strong>Important: Remote Denial Of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-XXXX">
+       CVE-2011-XXXX</a></p>
+
+    <p>A JVM bug could cause Double conversion to hang JVM when accessing to a
+       form based security constrained page or any page that calls
+       javax.servlet.ServletRequest.getLocale() or
+       javax.servlet.ServletRequest.getLocales(). A specially crafted request
+       can be used to trigger a denial of service.
+    </p>
+
+    <p>A work-around for this JVM bug was provided in 
+       <a href="http://svn.apache.org/viewvc?rev=1066244&amp;view=rev">
+       revision 1066244</a>.</p>
+
+    <p>This was first reported to the Tomcat security team on 01 Feb 2011 and
+       made public on 31 Jan 2011.</p>
+
+    <p>Affects: 6.0.0-6.0.31</p>
+
     <p><strong>moderate: TLS SSL Man In The Middle</strong>
        <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555">
        CVE-2009-3555</a></p>
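Review bot: "Affects: 6.0.0-6.0.31" in security-7.xml is a copy-paste from the 6.0.x page; this page should list the affected 7.0.x versions, taking into account the 7.0.7 exclusion noted at the top of this file and whether revision 1066244 is in 7.0.8. The CVE-2011-XXXX placeholder and the 01 Feb / 31 Jan date inversion recur here too.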



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

