Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | tomcat6-debuginfo | < 6.0.24-94.el6_7 | tomcat6-debuginfo-6.0.24-94.el6_7.s390x.rpm |
RedHat | 6 | s390x | tomcat6-docs-webapp | < 6.0.24-94.el6_7 | tomcat6-docs-webapp-6.0.24-94.el6_7.s390x.rpm |
RedHat | 6 | src | tomcat6 | < 6.0.24-94.el6_7 | tomcat6-6.0.24-94.el6_7.src.rpm |
RedHat | 6 | i686 | tomcat6-javadoc | < 6.0.24-94.el6_7 | tomcat6-javadoc-6.0.24-94.el6_7.i686.rpm |
RedHat | 6 | ppc64 | tomcat6-docs-webapp | < 6.0.24-94.el6_7 | tomcat6-docs-webapp-6.0.24-94.el6_7.ppc64.rpm |
RedHat | 6 | i686 | tomcat6-debuginfo | < 6.0.24-94.el6_7 | tomcat6-debuginfo-6.0.24-94.el6_7.i686.rpm |
RedHat | 6 | x86_64 | tomcat6-lib | < 6.0.24-94.el6_7 | tomcat6-lib-6.0.24-94.el6_7.x86_64.rpm |
RedHat | 6 | i686 | tomcat6-admin-webapps | < 6.0.24-94.el6_7 | tomcat6-admin-webapps-6.0.24-94.el6_7.i686.rpm |
RedHat | 6 | ppc64 | tomcat6-el-2.1-api | < 6.0.24-94.el6_7 | tomcat6-el-2.1-api-6.0.24-94.el6_7.ppc64.rpm |
RedHat | 6 | i686 | tomcat6-webapps | < 6.0.24-94.el6_7 | tomcat6-webapps-6.0.24-94.el6_7.i686.rpm |