Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to cause
Tomcat to hang via a specially-crafted HTTP request. (CVE-2010-4476)
A flaw was found in the Tomcat NIO (Non-Blocking I/O) connector. A remote
attacker could use this flaw to cause a denial of service (out-of-memory
condition) via a specially-crafted request containing a large NIO buffer
size request value. (CVE-2011-0534)
This update also fixes the following bug:
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to correct these issues. Tomcat must be restarted for
this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | noarch | tomcat6-admin-webapps | <ย 6.0.24-24.el6_0 | tomcat6-admin-webapps-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6 | <ย 6.0.24-24.el6_0 | tomcat6-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-javadoc | <ย 6.0.24-24.el6_0 | tomcat6-javadoc-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-webapps | <ย 6.0.24-24.el6_0 | tomcat6-webapps-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-docs-webapp | <ย 6.0.24-24.el6_0 | tomcat6-docs-webapp-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | src | tomcat6 | <ย 6.0.24-24.el6_0 | tomcat6-6.0.24-24.el6_0.src.rpm |
RedHat | 6 | noarch | tomcat6-el-2.1-api | <ย 6.0.24-24.el6_0 | tomcat6-el-2.1-api-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-servlet-2.5-api | <ย 6.0.24-24.el6_0 | tomcat6-servlet-2.5-api-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-jsp-2.1-api | <ย 6.0.24-24.el6_0 | tomcat6-jsp-2.1-api-6.0.24-24.el6_0.noarch.rpm |
RedHat | 6 | noarch | tomcat6-log4j | <ย 6.0.24-24.el6_0 | tomcat6-log4j-6.0.24-24.el6_0.noarch.rpm |