tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Owen, Scott A CTR IT/IM Bldg1490" <scott.owen....@navy.mil>
Subject IAVM Identified Vulnerability - 2009-B-0026_0028
Date Thu, 23 Jul 2009 12:14:55 GMT
User@Tomcat.Apache.Org,

I am currently running Tomcat 5.5.27 on a Windows 2003 server for the application Business
Objects Enterprise XI R2.

I have been notified by my IA department of an IAVA that has been identified and needs immediate
action.

The IAVM is 2009-B-0026_0028 and references the following CVE vulnerabilities:

CVE-2008-5515
CVE-2009-0033
CVE-2009-0580
CVE-2009-0781
CVE-2009-0783

I have searched the Apache Tomcat site for any assistance, and the only thing I am able to
find references a fix in Tomcat 5.5.SVN.  However, I am unable to find this package to install
on my server to resolve these vulnerabilities.

Can somebody point me in the right direction on implement this fix to make my system compliant
with this identified IAVA?

Thank you,
Scott A. Owen
Information Technology/Information Management (IT/IM) Business Objects Administration and
Technical Support Analyst
(301) 342-4941
scott.owen@navy.mil




Mime
View raw message