Author: markt
Date: Fri Aug 12 13:09:21 2011
New Revision: 1157086
URL: http://svn.apache.org/viewvc?rev=1157086&view=rev
Log:
Update site for CVE-2011-2729
Modified:
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/xdocs/security-5.xml
tomcat/site/trunk/xdocs/security-6.xml
tomcat/site/trunk/xdocs/security-7.xml
Modified: tomcat/site/trunk/docs/security-5.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-5.html?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-5.html (original)
+++ tomcat/site/trunk/docs/security-5.html Fri Aug 12 13:09:21 2011
@@ -390,6 +390,33 @@
<p>Affects: 5.5.0-5.5.33</p>
+ <p>
+<strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
rel="nofollow">CVE-2011-2729</a>
+</p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>There is a <a
href="http://people.apache.org/~markt/patches/2011-08-12-cve-2011-22729-tc5.patch";>
+ proposed patch</a> for this issue.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 5.5.32-5.5.33</p>
+
</blockquote>
</p>
</td>
Modified: tomcat/site/trunk/docs/security-6.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Fri Aug 12 13:09:21 2011
@@ -387,6 +387,34 @@
<p>Affects: 6.0.0-6.0.32</p>
+ <p>
+<strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
rel="nofollow">CVE-2011-2729</a>
+</p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>This was fixed in revision
+ <a href="http://svn.apache.org/viewvc?rev=1153824&view=rev";>
+ 1153824</a>.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 6.0.30-6.0.32</p>
+
</blockquote>
</p>
</td>
Modified: tomcat/site/trunk/docs/security-7.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Fri Aug 12 13:09:21 2011
@@ -215,6 +215,9 @@
<a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x
vulnerabilities</a>
</li>
<li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.20">Fixed in Apache Tomcat 7.0.20</a>
+</li>
+<li>
<a href="#Fixed_in_Apache_Tomcat_7.0.19">Fixed in Apache Tomcat 7.0.19</a>
</li>
<li>
@@ -296,6 +299,62 @@
<tr>
<td bgcolor="#525D76">
<font color="#ffffff" face="arial,helvetica,sanserif">
+<a name="Fixed in Apache Tomcat 7.0.20">
+<!--()-->
+</a>
+<a name="Fixed_in_Apache_Tomcat_7.0.20">
+<strong>Fixed in Apache Tomcat 7.0.20</strong>
+</a>
+</font>
+</td>
+</tr>
+<tr>
+<td>
+<p>
+<blockquote>
+
+ <p>
+<strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
rel="nofollow">CVE-2011-2729</a>
+</p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>This was fixed in revision
+ <a href="http://svn.apache.org/viewvc?rev=1153379&view=rev";>
+ 1153379</a>.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 7.0.0-7.0.19</p>
+
+ </blockquote>
+</p>
+</td>
+</tr>
+<tr>
+<td>
+<br/>
+</td>
+</tr>
+</table>
+<table border="0" cellspacing="0" cellpadding="2" width="100%">
+<tr>
+<td bgcolor="#525D76">
+<font color="#ffffff" face="arial,helvetica,sanserif">
<a name="Fixed in Apache Tomcat 7.0.19">
<!--()-->
</a>
Modified: tomcat/site/trunk/xdocs/security-5.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-5.xml?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-5.xml (original)
+++ tomcat/site/trunk/xdocs/security-5.xml Fri Aug 12 13:09:21 2011
@@ -83,6 +83,32 @@
<p>Affects: 5.5.0-5.5.33</p>
+ <p><strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
+ rel="nofollow">CVE-2011-2729</a></p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>There is a <a
href="http://people.apache.org/~markt/patches/2011-08-12-cve-2011-22729-tc5.patch";>
+ proposed patch</a> for this issue.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 5.5.32-5.5.33</p>
+
</section>
<section name="Fixed in Apache Tomcat 5.5.34 (not yet released)">
Modified: tomcat/site/trunk/xdocs/security-6.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Fri Aug 12 13:09:21 2011
@@ -90,6 +90,33 @@
<p>Affects: 6.0.0-6.0.32</p>
+ <p><strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
+ rel="nofollow">CVE-2011-2729</a></p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>This was fixed in revision
+ <a href="http://svn.apache.org/viewvc?rev=1153824&view=rev";>
+ 1153824</a>.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 6.0.30-6.0.32</p>
+
</section>
<section name="Fixed in Apache Tomcat 6.0.32" rtext="released 03 Feb 2011">
Modified: tomcat/site/trunk/xdocs/security-7.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1157086&r1=1157085&r2=1157086&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Fri Aug 12 13:09:21 2011
@@ -25,6 +25,37 @@
<a href="mailto:[email protected]";>Tomcat Security
Team</a>.</p>
</section>
+ <section name="Fixed in Apache Tomcat 7.0.20">
+
+ <p><strong>Important: Information disclosure</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729";
+ rel="nofollow">CVE-2011-2729</a></p>
+
+ <p>Due to a bug in the capabilities code, jsvc (the service wrapper for
+ Linux that is part of the Commons Daemon project) does not drop
+ capabilities allowing the application to access files and directories
+ owned by superuser. This vulnerability only occurs when all of the
+ following are true:
+ <ul>
+ <li>Tomcat is running on a Linux operating system</li>
+ <li>jsvc was compiled with libcap</li>
+ <li>-user parameter is used</li>
+ </ul>
+ Affected Tomcat versions shipped with source files for jsvc that
included
+ this vulnerability.
+ </p>
+
+ <p>This was fixed in revision
+ <a href="http://svn.apache.org/viewvc?rev=1153379&view=rev";>
+ 1153379</a>.</p>
+
+ <p>This was identified by Wilfried Weissmann on 20 July 2011 and made
public
+ on 12 August 2011.</p>
+
+ <p>Affects: 7.0.0-7.0.19</p>
+
+ </section>
+
<section name="Fixed in Apache Tomcat 7.0.19">
<p><strong>Low: Information disclosure</strong>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
