Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-2693
Vulnerability from cvelistv5
Published
2010-01-28 20:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T05:59:56.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "HPSBUX02541", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "HPSBMA02535", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { name: "39317", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39317", }, { name: "DSA-2207", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2011/dsa-2207", }, { name: "openSUSE-SU-2012:1700", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { name: "HPSBUX02860", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "40330", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/40330", }, { name: "MDVSA-2010:177", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { name: "1023505", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1023505", }, { name: "43310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43310", }, { name: "tomcat-war-directory-traversal(55855)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { name: "SSRT100029", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "ADV-2010-1559", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1559", }, { name: "APPLE-SA-2010-03-29-1", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { name: "HPSBOV02762", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "37944", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/37944", }, { name: "ADV-2010-1986", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1986", }, { name: "RHSA-2010:0580", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { name: "oval:org.mitre.oval:def:7017", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { name: "40813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/40813", }, { name: "38541", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38541", }, { name: "MDVSA-2010:176", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "57126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57126", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { name: "20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { name: "USN-899-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://ubuntu.com/usn/usn-899-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT4077", }, { name: "SUSE-SR:2010:008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { name: "openSUSE-SU-2013:0147", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { name: "38687", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38687", }, { name: "38346", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38346", }, { name: "SSRT100825", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://tomcat.apache.org/security-5.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { name: "RHSA-2010:0119", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { name: "RHSA-2010:0582", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { name: "oval:org.mitre.oval:def:19355", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { name: "SSRT101146", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "38316", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38316", }, { name: "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { name: "ADV-2010-0213", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/0213", }, { name: "HPSBST02955", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { name: "SSRT100145", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { name: "openSUSE-SU-2012:1701", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-01-24T00:00:00", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-13T16:09:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "HPSBUX02541", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "HPSBMA02535", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { name: "39317", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39317", }, { name: "DSA-2207", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2011/dsa-2207", }, { name: "openSUSE-SU-2012:1700", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { name: "HPSBUX02860", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "40330", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/40330", }, { name: "MDVSA-2010:177", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { name: "1023505", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1023505", }, { name: "43310", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43310", }, { name: "tomcat-war-directory-traversal(55855)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { name: "SSRT100029", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "ADV-2010-1559", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1559", }, { name: "APPLE-SA-2010-03-29-1", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { name: "HPSBOV02762", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "37944", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/37944", }, { name: "ADV-2010-1986", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1986", }, { name: "RHSA-2010:0580", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { name: "oval:org.mitre.oval:def:7017", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { name: "40813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/40813", }, { name: "38541", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38541", }, { name: "MDVSA-2010:176", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "57126", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57126", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { name: "20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { name: "USN-899-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://ubuntu.com/usn/usn-899-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT4077", }, { name: "SUSE-SR:2010:008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { name: "openSUSE-SU-2013:0147", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { name: "38687", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38687", }, { name: "38346", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38346", }, { name: "SSRT100825", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://tomcat.apache.org/security-5.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { name: "RHSA-2010:0119", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { name: "RHSA-2010:0582", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { name: "oval:org.mitre.oval:def:19355", tags: [ "vdb-entry", "signature", "x_refsource_OVAL", ], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { name: "SSRT101146", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "38316", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38316", }, { name: "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { name: "ADV-2010-0213", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/0213", }, { name: "HPSBST02955", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { name: "SSRT100145", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { name: "openSUSE-SU-2012:1701", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-2693", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "HPSBUX02541", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "HPSBMA02535", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "http://svn.apache.org/viewvc?rev=892815&view=rev", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { name: "39317", refsource: "SECUNIA", url: "http://secunia.com/advisories/39317", }, { name: "DSA-2207", refsource: "DEBIAN", url: "http://www.debian.org/security/2011/dsa-2207", }, { name: "openSUSE-SU-2012:1700", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { name: "HPSBUX02860", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "40330", refsource: "SECUNIA", url: "http://secunia.com/advisories/40330", }, { name: "MDVSA-2010:177", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { name: "1023505", refsource: "SECTRACK", url: "http://securitytracker.com/id?1023505", }, { name: "43310", refsource: "SECUNIA", url: "http://secunia.com/advisories/43310", }, { name: "tomcat-war-directory-traversal(55855)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { name: "SSRT100029", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "ADV-2010-1559", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1559", }, { name: "APPLE-SA-2010-03-29-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { name: "HPSBOV02762", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "37944", refsource: "BID", url: "http://www.securityfocus.com/bid/37944", }, { name: "ADV-2010-1986", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1986", }, { name: "RHSA-2010:0580", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { name: "oval:org.mitre.oval:def:7017", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { name: "40813", refsource: "SECUNIA", url: "http://secunia.com/advisories/40813", }, { name: "38541", refsource: "SECUNIA", url: "http://secunia.com/advisories/38541", }, { name: "MDVSA-2010:176", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-6.html", }, { name: "57126", refsource: "SECUNIA", url: "http://secunia.com/advisories/57126", }, { name: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", refsource: "CONFIRM", url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { name: "20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { name: "USN-899-1", refsource: "UBUNTU", url: "http://ubuntu.com/usn/usn-899-1", }, { name: "http://support.apple.com/kb/HT4077", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4077", }, { name: "SUSE-SR:2010:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { name: "openSUSE-SU-2013:0147", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { name: "38687", refsource: "SECUNIA", url: "http://secunia.com/advisories/38687", }, { name: "38346", refsource: "SECUNIA", url: "http://secunia.com/advisories/38346", }, { name: "SSRT100825", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "http://tomcat.apache.org/security-5.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-5.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { name: "RHSA-2010:0119", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { name: "RHSA-2010:0582", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { name: "oval:org.mitre.oval:def:19355", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { name: "SSRT101146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "38316", refsource: "SECUNIA", url: "http://secunia.com/advisories/38316", }, { name: "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { name: "ADV-2010-0213", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0213", }, { name: "HPSBST02955", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { name: "SSRT100145", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "http://svn.apache.org/viewvc?rev=902650&view=rev", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { name: "openSUSE-SU-2012:1701", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-2693", datePublished: "2010-01-28T20:00:00", dateReserved: "2009-08-05T00:00:00", dateUpdated: "2024-08-07T05:59:56.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2009-2693\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-01-28T20:30:01.167\",\"lastModified\":\"2024-11-21T01:05:31.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con la entrada ../../bin/catalina.bat.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E98B82A-22E5-4E6C-90AE-56F5780EA147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34672E90-C220-436B-9143-480941227933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92883AFA-A02F-41A5-9977-ABEAC8AD2970\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"989A78F8-EE92-465F-8A8D-ECF0B58AFE7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACFB09F3-32D1-479C-8C39-D7329D9A6623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56581E2-9ECD-426A-96D8-A9D958900AD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"717F6995-5AF0-484C-90C0-A82F25FD2E32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B0C01D5-773F-469C-9E69-170C2844AAA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB03FDFB-4DBF-4B70-BFA3-570D1DE67695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F5CF79C-759B-4FF9-90EE-847264059E93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"357651FD-392E-4775-BF20-37A23B3ABAE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585B9476-6B86-4809-9B9E-26112114CB59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6145036D-4FCE-4EBE-A137-BDFA69BA54F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E437055A-0A81-413F-AB08-0E9D0DC9EA30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9276A093-9C98-4617-9941-2276995F5848\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C98575E2-E39A-4A8F-B5B5-BD280B8367BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5878E08E-2741-4798-94E9-BA8E07386B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69F6BAB7-C099-4345-A632-7287AEA555B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3AAF031-D16B-4D51-9581-2D1376A5157B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51120689-F5C0-4DF1-91AA-314C40A46C58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F67477AB-85F6-421C-9C0B-C8EFB1B200CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D70CFD9-B55D-4A29-B94C-D33F3E881A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1195878-CCC9-49BC-9AC7-1F88F0DFAB82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"}]}]}],\"references\":[{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=127420533226623&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=127420533226623&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=133469267822771&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=133469267822771&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=136485229118404&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=136485229118404&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq&m=139344343412337&w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38316\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38346\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38541\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38687\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/40330\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/40813\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/43310\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/57126\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1023505\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT4077\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://svn.apache.org/viewvc?rev=892815&view=rev\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?rev=902650&view=rev\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://tomcat.apache.org/security-5.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://ubuntu.com/usn/usn-899-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2207\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:177\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0119.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0580.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0582.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/509148/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/37944\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0213\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1559\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1986\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55855\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=127420533226623&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=127420533226623&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=133469267822771&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=133469267822771&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=136485229118404&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=136485229118404&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq&m=139344343412337&w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38316\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38541\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/39317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43310\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/57126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1023505\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://svn.apache.org/viewvc?rev=892815&view=rev\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?rev=902650&view=rev\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tomcat.apache.org/security-5.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://ubuntu.com/usn/usn-899-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2207\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:177\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0119.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0580.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0582.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/509148/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/516397/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/37944\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2011-0003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/1986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/55855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2693\\n\\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\\n\\nThis issue has been addressed in JBoss Enterprise Web Server 1.0.1: https://rhn.redhat.com/errata/RHSA-2010-0119.html\",\"lastModified\":\"2010-03-02T00:00:00\"}]}}", }, }
rhsa-2010_0582
Vulnerability from csaf_redhat
Published
2010-08-02 20:17
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Application Server v2.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
Two directory traversal flaws were found in the Tomcat deployment process.
A specially-crafted WAR file could, when deployed, cause a file to be
created outside of the web root into any directory writable by the Tomcat
user, or could lead to the deletion of files in the Tomcat host's work
directory. (CVE-2009-2693, CVE-2009-2902)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Application Server v2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0582", url: "https://access.redhat.com/errata/RHSA-2010:0582", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0582.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:28+00:00", generator: { date: "2024-11-22T03:34:28+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0582", initial_release_date: "2010-08-02T20:17:00+00:00", revision_history: [ { date: "2010-08-02T20:17:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-08-02T16:17:44+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:28+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Application Server v2 4AS", product: { name: "Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4ES", product: { name: "Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4WS", product: { name: "Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, ], category: "product_family", name: "Red Hat Application Server", }, { branches: [ { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
rhsa-2010_0693
Vulnerability from csaf_redhat
Published
2010-09-10 08:34
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Certificate System 7.3.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
This erratum fixes two additional security flaws in Tomcat. In a typical
operating environment, Tomcat is not exposed to users of Red Hat
Certificate System in a vulnerable manner. These fixes will reduce risk in
unique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)
Users of Red Hat Certificate System 7.3 should upgrade to these updated
tomcat5 packages, which contain backported patches to correct these issues.
After installing the updated packages, the Red Hat Certificate System CA
(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)
subsystems must be restarted ("/etc/init.d/[instance-name] restart") for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Certificate System 7.3.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThis erratum fixes two additional security flaws in Tomcat. In a typical\noperating environment, Tomcat is not exposed to users of Red Hat\nCertificate System in a vulnerable manner. These fixes will reduce risk in\nunique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Red Hat Certificate System 7.3 should upgrade to these updated\ntomcat5 packages, which contain backported patches to correct these issues.\nAfter installing the updated packages, the Red Hat Certificate System CA\n(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)\nsubsystems must be restarted (\"/etc/init.d/[instance-name] restart\") for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0693", url: "https://access.redhat.com/errata/RHSA-2010:0693", }, { category: "external", summary: "http://www.redhat.com/security/updates/classification/#important", url: "http://www.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0693.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:39+00:00", generator: { date: "2024-11-22T03:34:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0693", initial_release_date: "2010-09-10T08:34:00+00:00", revision_history: [ { date: "2010-09-10T08:34:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-09-10T04:37:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Certificate System 7.3 for 4AS", product: { name: "Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, { category: "product_name", name: "Red Hat Certificate System 7.3 for 4ES", product: { name: "Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, ], category: "product_family", name: "Red Hat Certificate System", }, { branches: [ { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
rhsa-2010_0119
Vulnerability from csaf_redhat
Published
2010-02-23 20:20
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update
Notes
Topic
JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise
Linux 4 and 5.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
JBoss Enterprise Web Server is a fully integrated and certified set
of components for hosting Java web applications. It is comprised of the
industry's leading web server (Apache HTTP Server), the popular Apache
Tomcat servlet container, as well as the mod_jk connector and the Tomcat
Native library.
This 1.0.1 release of JBoss Enterprise Web Server serves as a replacement
to JBoss Enterprise Web Server 1.0.0 GA. These updated packages include
a number of bug fixes. For detailed component, installation, and bug fix
information, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,
available shortly from the link in the References section of this erratum.
The following security issues are also fixed with this release:
A directory traversal flaw was found in the Tomcat deployment process. An
attacker could create a specially-crafted WAR file, which once deployed
by a local, unsuspecting user, would lead to attacker-controlled content
being deployed outside of the web root, into directories accessible to the
Tomcat process. (CVE-2009-2693)
A second directory traversal flaw was found in the Tomcat deployment
process. WAR file names were not sanitized, which could allow an attacker
to create a specially-crafted WAR file that could delete files in the
Tomcat host's work directory. (CVE-2009-2902)
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)
This update provides a mitigation for this flaw in the following
components:
tomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is
available for the blocking IO (BIO) connector using JSSE, to enable or
disable TLS session renegotiation. The default value is "false", meaning
session renegotiation, both client- and server-initiated, is disabled by
default.
tomcat-native: Client-initiated renegotiation is now rejected by the native
connector. Server-initiated renegotiation is still allowed.
Refer to the following Knowledgebase article for additional details about
the CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491
All users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux
4 and 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise\nLinux 4 and 5.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Web Server is a fully integrated and certified set\nof components for hosting Java web applications. It is comprised of the\nindustry's leading web server (Apache HTTP Server), the popular Apache\nTomcat servlet container, as well as the mod_jk connector and the Tomcat\nNative library.\n\nThis 1.0.1 release of JBoss Enterprise Web Server serves as a replacement\nto JBoss Enterprise Web Server 1.0.0 GA. These updated packages include\na number of bug fixes. For detailed component, installation, and bug fix\ninformation, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,\navailable shortly from the link in the References section of this erratum.\n\nThe following security issues are also fixed with this release:\n\nA directory traversal flaw was found in the Tomcat deployment process. An\nattacker could create a specially-crafted WAR file, which once deployed\nby a local, unsuspecting user, would lead to attacker-controlled content\nbeing deployed outside of the web root, into directories accessible to the\nTomcat process. (CVE-2009-2693)\n\nA second directory traversal flaw was found in the Tomcat deployment\nprocess. WAR file names were not sanitized, which could allow an attacker\nto create a specially-crafted WAR file that could delete files in the\nTomcat host's work directory. (CVE-2009-2902)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update provides a mitigation for this flaw in the following\ncomponents:\n\ntomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is\navailable for the blocking IO (BIO) connector using JSSE, to enable or\ndisable TLS session renegotiation. The default value is \"false\", meaning\nsession renegotiation, both client- and server-initiated, is disabled by\ndefault.\n\ntomcat-native: Client-initiated renegotiation is now rejected by the native\nconnector. Server-initiated renegotiation is still allowed.\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux\n4 and 5 are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0119", url: "https://access.redhat.com/errata/RHSA-2010:0119", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "http://kbase.redhat.com/faq/docs/DOC-20491", url: "http://kbase.redhat.com/faq/docs/DOC-20491", }, { category: "external", summary: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", url: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", }, { category: "external", summary: "533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "558872", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558872", }, { category: "external", summary: "558873", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558873", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0119.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update", tracking: { current_release_date: "2024-11-22T03:34:15+00:00", generator: { date: "2024-11-22T03:34:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0119", initial_release_date: "2010-02-23T20:20:00+00:00", revision_history: [ { date: "2010-02-23T20:20:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-02-23T15:20:08+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.ep5.el4.src", product: { name: "mod_jk-0:1.2.28-4.ep5.el4.src", product_id: "mod_jk-0:1.2.28-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_id: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee@5.0.1-2.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.src", product: { name: "struts12-0:1.2.9-2.ep5.el4.src", product_id: "struts12-0:1.2.9-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=src&epoch=1", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.src", product: { name: "httpd22-0:2.2.14-4.ep5.el4.src", product_id: "httpd22-0:2.2.14-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.src", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.src", product_id: "tomcat6-0:6.0.24-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.src", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.src", product_id: "tomcat5-0:5.5.28-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_id: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.src", product: { name: "struts12-0:1.2.9-2.ep5.el5.src", product_id: "struts12-0:1.2.9-2.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee-poms@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-transaction-1.0.1-api@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el4.noarch", product_id: "struts12-0:1.2.9-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el5.noarch", product_id: "struts12-0:1.2.9-2.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", }, product_reference: "mod_jk-0:1.2.28-4.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2009-3555", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, discovery_date: "2009-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533125", }, ], notes: [ { category: "description", text: "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", title: "Vulnerability description", }, { category: "summary", text: "TLS: MITM attacks via session renegotiation", title: "Vulnerability summary", }, { category: "other", text: "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3555", }, { category: "external", summary: "RHBZ#533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3555", url: "https://www.cve.org/CVERecord?id=CVE-2009-3555", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", }, ], release_date: "2009-11-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "TLS: MITM attacks via session renegotiation", }, { cve: "CVE-2010-2086", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2010-05-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "598164", }, ], notes: [ { category: "description", text: "Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.", title: "Vulnerability description", }, { category: "summary", text: "MyFaces: XSS via state view", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2086", }, { category: "external", summary: "RHBZ#598164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=598164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2086", url: "https://www.cve.org/CVERecord?id=CVE-2010-2086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", }, ], release_date: "2010-02-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "MyFaces: XSS via state view", }, ], }
rhsa-2010:0119
Vulnerability from csaf_redhat
Published
2010-02-23 20:20
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update
Notes
Topic
JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise
Linux 4 and 5.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
JBoss Enterprise Web Server is a fully integrated and certified set
of components for hosting Java web applications. It is comprised of the
industry's leading web server (Apache HTTP Server), the popular Apache
Tomcat servlet container, as well as the mod_jk connector and the Tomcat
Native library.
This 1.0.1 release of JBoss Enterprise Web Server serves as a replacement
to JBoss Enterprise Web Server 1.0.0 GA. These updated packages include
a number of bug fixes. For detailed component, installation, and bug fix
information, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,
available shortly from the link in the References section of this erratum.
The following security issues are also fixed with this release:
A directory traversal flaw was found in the Tomcat deployment process. An
attacker could create a specially-crafted WAR file, which once deployed
by a local, unsuspecting user, would lead to attacker-controlled content
being deployed outside of the web root, into directories accessible to the
Tomcat process. (CVE-2009-2693)
A second directory traversal flaw was found in the Tomcat deployment
process. WAR file names were not sanitized, which could allow an attacker
to create a specially-crafted WAR file that could delete files in the
Tomcat host's work directory. (CVE-2009-2902)
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)
This update provides a mitigation for this flaw in the following
components:
tomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is
available for the blocking IO (BIO) connector using JSSE, to enable or
disable TLS session renegotiation. The default value is "false", meaning
session renegotiation, both client- and server-initiated, is disabled by
default.
tomcat-native: Client-initiated renegotiation is now rejected by the native
connector. Server-initiated renegotiation is still allowed.
Refer to the following Knowledgebase article for additional details about
the CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491
All users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux
4 and 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise\nLinux 4 and 5.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Web Server is a fully integrated and certified set\nof components for hosting Java web applications. It is comprised of the\nindustry's leading web server (Apache HTTP Server), the popular Apache\nTomcat servlet container, as well as the mod_jk connector and the Tomcat\nNative library.\n\nThis 1.0.1 release of JBoss Enterprise Web Server serves as a replacement\nto JBoss Enterprise Web Server 1.0.0 GA. These updated packages include\na number of bug fixes. For detailed component, installation, and bug fix\ninformation, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,\navailable shortly from the link in the References section of this erratum.\n\nThe following security issues are also fixed with this release:\n\nA directory traversal flaw was found in the Tomcat deployment process. An\nattacker could create a specially-crafted WAR file, which once deployed\nby a local, unsuspecting user, would lead to attacker-controlled content\nbeing deployed outside of the web root, into directories accessible to the\nTomcat process. (CVE-2009-2693)\n\nA second directory traversal flaw was found in the Tomcat deployment\nprocess. WAR file names were not sanitized, which could allow an attacker\nto create a specially-crafted WAR file that could delete files in the\nTomcat host's work directory. (CVE-2009-2902)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update provides a mitigation for this flaw in the following\ncomponents:\n\ntomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is\navailable for the blocking IO (BIO) connector using JSSE, to enable or\ndisable TLS session renegotiation. The default value is \"false\", meaning\nsession renegotiation, both client- and server-initiated, is disabled by\ndefault.\n\ntomcat-native: Client-initiated renegotiation is now rejected by the native\nconnector. Server-initiated renegotiation is still allowed.\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux\n4 and 5 are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0119", url: "https://access.redhat.com/errata/RHSA-2010:0119", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "http://kbase.redhat.com/faq/docs/DOC-20491", url: "http://kbase.redhat.com/faq/docs/DOC-20491", }, { category: "external", summary: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", url: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", }, { category: "external", summary: "533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "558872", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558872", }, { category: "external", summary: "558873", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558873", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0119.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update", tracking: { current_release_date: "2024-11-22T03:34:15+00:00", generator: { date: "2024-11-22T03:34:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0119", initial_release_date: "2010-02-23T20:20:00+00:00", revision_history: [ { date: "2010-02-23T20:20:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-02-23T15:20:08+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.ep5.el4.src", product: { name: "mod_jk-0:1.2.28-4.ep5.el4.src", product_id: "mod_jk-0:1.2.28-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_id: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee@5.0.1-2.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.src", product: { name: "struts12-0:1.2.9-2.ep5.el4.src", product_id: "struts12-0:1.2.9-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=src&epoch=1", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.src", product: { name: "httpd22-0:2.2.14-4.ep5.el4.src", product_id: "httpd22-0:2.2.14-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.src", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.src", product_id: "tomcat6-0:6.0.24-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.src", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.src", product_id: "tomcat5-0:5.5.28-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_id: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.src", product: { name: "struts12-0:1.2.9-2.ep5.el5.src", product_id: "struts12-0:1.2.9-2.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee-poms@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-transaction-1.0.1-api@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el4.noarch", product_id: "struts12-0:1.2.9-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el5.noarch", product_id: "struts12-0:1.2.9-2.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", }, product_reference: "mod_jk-0:1.2.28-4.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2009-3555", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, discovery_date: "2009-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533125", }, ], notes: [ { category: "description", text: "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", title: "Vulnerability description", }, { category: "summary", text: "TLS: MITM attacks via session renegotiation", title: "Vulnerability summary", }, { category: "other", text: "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3555", }, { category: "external", summary: "RHBZ#533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3555", url: "https://www.cve.org/CVERecord?id=CVE-2009-3555", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", }, ], release_date: "2009-11-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "TLS: MITM attacks via session renegotiation", }, { cve: "CVE-2010-2086", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2010-05-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "598164", }, ], notes: [ { category: "description", text: "Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.", title: "Vulnerability description", }, { category: "summary", text: "MyFaces: XSS via state view", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2086", }, { category: "external", summary: "RHBZ#598164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=598164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2086", url: "https://www.cve.org/CVERecord?id=CVE-2010-2086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", }, ], release_date: "2010-02-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "MyFaces: XSS via state view", }, ], }
rhsa-2010:0580
Vulnerability from csaf_redhat
Published
2010-08-02 20:00
Modified
2025-02-24 10:51
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text
stated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw
in the examples calendar application. With some web browsers, remote
attackers could use this flaw to inject arbitrary web script or HTML via
the "time" parameter. (CVE-2009-2696)
Two directory traversal flaws were found in the Tomcat deployment process.
A specially-crafted WAR file could, when deployed, cause a file to be
created outside of the web root into any directory writable by the Tomcat
user, or could lead to the deletion of files in the Tomcat host's work
directory. (CVE-2009-2693, CVE-2009-2902)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThe Tomcat security update RHSA-2009:1164 did not, unlike the erratum text\nstated, provide a fix for CVE-2009-0781, a cross-site scripting (XSS) flaw\nin the examples calendar application. With some web browsers, remote\nattackers could use this flaw to inject arbitrary web script or HTML via\nthe \"time\" parameter. (CVE-2009-2696)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0580", url: "https://access.redhat.com/errata/RHSA-2010:0580", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "616717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=616717", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0580.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2025-02-24T10:51:48+00:00", generator: { date: "2025-02-24T10:51:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.3.1", }, }, id: "RHSA-2010:0580", initial_release_date: "2010-08-02T20:00:00+00:00", revision_history: [ { date: "2010-08-02T20:00:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-08-02T16:00:06+00:00", number: "2", summary: "Last updated version", }, { date: "2025-02-24T10:51:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product: { name: "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::client_workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux (v. 5 server)", product: { name: "Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:5::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.el5_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.el5_5?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", product_id: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.el5_5?arch=ia64", }, }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", product_id: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.el5_5?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=ppc64", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-debuginfo@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", product_id: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp.9.el5_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)", product_id: "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client-Workstation", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", product_id: "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Client", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.src as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.src", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", relates_to_product_reference: "5Server", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", product_id: "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", relates_to_product_reference: "5Server", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:00:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0580", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2696", discovery_date: "2009-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "616717", }, ], notes: [ { category: "description", text: "Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to \"invalid HTML.\" NOTE: this is due to a missing fix for CVE-2009-0781.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: missing fix for CVE-2009-0781", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2696", }, { category: "external", summary: "RHBZ#616717", url: "https://bugzilla.redhat.com/show_bug.cgi?id=616717", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2696", url: "https://www.cve.org/CVERecord?id=CVE-2009-2696", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2696", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2696", }, ], release_date: "2010-08-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:00:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0580", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: missing fix for CVE-2009-0781", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:00:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0580", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:00:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0580", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client-Workstation:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client-Workstation:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Client:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Client:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.src", "5Server:tomcat5-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-admin-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-common-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.ppc64", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-debuginfo-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jasper-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-server-lib-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp.9.el5_5.x86_64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.i386", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ia64", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.ppc", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.s390x", "5Server:tomcat5-webapps-0:5.5.23-0jpp.9.el5_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
rhsa-2010:0693
Vulnerability from csaf_redhat
Published
2010-09-10 08:34
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Certificate System 7.3.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
This erratum fixes two additional security flaws in Tomcat. In a typical
operating environment, Tomcat is not exposed to users of Red Hat
Certificate System in a vulnerable manner. These fixes will reduce risk in
unique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)
Users of Red Hat Certificate System 7.3 should upgrade to these updated
tomcat5 packages, which contain backported patches to correct these issues.
After installing the updated packages, the Red Hat Certificate System CA
(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)
subsystems must be restarted ("/etc/init.d/[instance-name] restart") for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Certificate System 7.3.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThis erratum fixes two additional security flaws in Tomcat. In a typical\noperating environment, Tomcat is not exposed to users of Red Hat\nCertificate System in a vulnerable manner. These fixes will reduce risk in\nunique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Red Hat Certificate System 7.3 should upgrade to these updated\ntomcat5 packages, which contain backported patches to correct these issues.\nAfter installing the updated packages, the Red Hat Certificate System CA\n(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)\nsubsystems must be restarted (\"/etc/init.d/[instance-name] restart\") for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0693", url: "https://access.redhat.com/errata/RHSA-2010:0693", }, { category: "external", summary: "http://www.redhat.com/security/updates/classification/#important", url: "http://www.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0693.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:39+00:00", generator: { date: "2024-11-22T03:34:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0693", initial_release_date: "2010-09-10T08:34:00+00:00", revision_history: [ { date: "2010-09-10T08:34:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-09-10T04:37:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Certificate System 7.3 for 4AS", product: { name: "Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, { category: "product_name", name: "Red Hat Certificate System 7.3 for 4ES", product: { name: "Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, ], category: "product_family", name: "Red Hat Certificate System", }, { branches: [ { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
RHSA-2010:0693
Vulnerability from csaf_redhat
Published
2010-09-10 08:34
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Certificate System 7.3.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
This erratum fixes two additional security flaws in Tomcat. In a typical
operating environment, Tomcat is not exposed to users of Red Hat
Certificate System in a vulnerable manner. These fixes will reduce risk in
unique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)
Users of Red Hat Certificate System 7.3 should upgrade to these updated
tomcat5 packages, which contain backported patches to correct these issues.
After installing the updated packages, the Red Hat Certificate System CA
(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)
subsystems must be restarted ("/etc/init.d/[instance-name] restart") for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Certificate System 7.3.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nThis erratum fixes two additional security flaws in Tomcat. In a typical\noperating environment, Tomcat is not exposed to users of Red Hat\nCertificate System in a vulnerable manner. These fixes will reduce risk in\nunique Certificate System environments. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Red Hat Certificate System 7.3 should upgrade to these updated\ntomcat5 packages, which contain backported patches to correct these issues.\nAfter installing the updated packages, the Red Hat Certificate System CA\n(rhpki-ca), DRM (rhpki-kra), OCSP (rhpki-ocsp), and TKS (rhpki-tks)\nsubsystems must be restarted (\"/etc/init.d/[instance-name] restart\") for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0693", url: "https://access.redhat.com/errata/RHSA-2010:0693", }, { category: "external", summary: "http://www.redhat.com/security/updates/classification/#important", url: "http://www.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0693.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:39+00:00", generator: { date: "2024-11-22T03:34:39+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0693", initial_release_date: "2010-09-10T08:34:00+00:00", revision_history: [ { date: "2010-09-10T08:34:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-09-10T04:37:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:39+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Certificate System 7.3 for 4AS", product: { name: "Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, { category: "product_name", name: "Red Hat Certificate System 7.3 for 4ES", product: { name: "Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3", product_identification_helper: { cpe: "cpe:/a:redhat:certificate_system:7.3", }, }, }, ], category: "product_family", name: "Red Hat Certificate System", }, { branches: [ { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.19?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.19.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.19?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4AS", product_id: "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4AS-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.19.src as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.19.src", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch as a component of Red Hat Certificate System 7.3 for 4ES", product_id: "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", relates_to_product_reference: "4ES-CERT-7.3", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-09-10T08:34:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0693", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4AS-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4AS-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-0:5.5.23-0jpp_4rh.19.src", "4ES-CERT-7.3:tomcat5-common-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jasper-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-server-lib-0:5.5.23-0jpp_4rh.19.noarch", "4ES-CERT-7.3:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.19.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
RHSA-2010:0582
Vulnerability from csaf_redhat
Published
2010-08-02 20:17
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Application Server v2.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
Two directory traversal flaws were found in the Tomcat deployment process.
A specially-crafted WAR file could, when deployed, cause a file to be
created outside of the web root into any directory writable by the Tomcat
user, or could lead to the deletion of files in the Tomcat host's work
directory. (CVE-2009-2693, CVE-2009-2902)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Application Server v2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0582", url: "https://access.redhat.com/errata/RHSA-2010:0582", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0582.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:28+00:00", generator: { date: "2024-11-22T03:34:28+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0582", initial_release_date: "2010-08-02T20:17:00+00:00", revision_history: [ { date: "2010-08-02T20:17:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-08-02T16:17:44+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:28+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Application Server v2 4AS", product: { name: "Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4ES", product: { name: "Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4WS", product: { name: "Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, ], category: "product_family", name: "Red Hat Application Server", }, { branches: [ { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
RHSA-2010:0119
Vulnerability from csaf_redhat
Published
2010-02-23 20:20
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update
Notes
Topic
JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise
Linux 4 and 5.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
JBoss Enterprise Web Server is a fully integrated and certified set
of components for hosting Java web applications. It is comprised of the
industry's leading web server (Apache HTTP Server), the popular Apache
Tomcat servlet container, as well as the mod_jk connector and the Tomcat
Native library.
This 1.0.1 release of JBoss Enterprise Web Server serves as a replacement
to JBoss Enterprise Web Server 1.0.0 GA. These updated packages include
a number of bug fixes. For detailed component, installation, and bug fix
information, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,
available shortly from the link in the References section of this erratum.
The following security issues are also fixed with this release:
A directory traversal flaw was found in the Tomcat deployment process. An
attacker could create a specially-crafted WAR file, which once deployed
by a local, unsuspecting user, would lead to attacker-controlled content
being deployed outside of the web root, into directories accessible to the
Tomcat process. (CVE-2009-2693)
A second directory traversal flaw was found in the Tomcat deployment
process. WAR file names were not sanitized, which could allow an attacker
to create a specially-crafted WAR file that could delete files in the
Tomcat host's work directory. (CVE-2009-2902)
A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure
Sockets Layer) protocols handle session renegotiation. A man-in-the-middle
attacker could use this flaw to prefix arbitrary plain text to a client's
session (for example, an HTTPS connection to a website). This could force
the server to process an attacker's request as if authenticated using the
victim's credentials. (CVE-2009-3555)
This update provides a mitigation for this flaw in the following
components:
tomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is
available for the blocking IO (BIO) connector using JSSE, to enable or
disable TLS session renegotiation. The default value is "false", meaning
session renegotiation, both client- and server-initiated, is disabled by
default.
tomcat-native: Client-initiated renegotiation is now rejected by the native
connector. Server-initiated renegotiation is still allowed.
Refer to the following Knowledgebase article for additional details about
the CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491
All users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux
4 and 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Web Server 1.0.1 is now available for Red Hat Enterprise\nLinux 4 and 5.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Web Server is a fully integrated and certified set\nof components for hosting Java web applications. It is comprised of the\nindustry's leading web server (Apache HTTP Server), the popular Apache\nTomcat servlet container, as well as the mod_jk connector and the Tomcat\nNative library.\n\nThis 1.0.1 release of JBoss Enterprise Web Server serves as a replacement\nto JBoss Enterprise Web Server 1.0.0 GA. These updated packages include\na number of bug fixes. For detailed component, installation, and bug fix\ninformation, refer to the JBoss Enterprise Web Server 1.0.1 Release Notes,\navailable shortly from the link in the References section of this erratum.\n\nThe following security issues are also fixed with this release:\n\nA directory traversal flaw was found in the Tomcat deployment process. An\nattacker could create a specially-crafted WAR file, which once deployed\nby a local, unsuspecting user, would lead to attacker-controlled content\nbeing deployed outside of the web root, into directories accessible to the\nTomcat process. (CVE-2009-2693)\n\nA second directory traversal flaw was found in the Tomcat deployment\nprocess. WAR file names were not sanitized, which could allow an attacker\nto create a specially-crafted WAR file that could delete files in the\nTomcat host's work directory. (CVE-2009-2902)\n\nA flaw was found in the way the TLS/SSL (Transport Layer Security/Secure\nSockets Layer) protocols handle session renegotiation. A man-in-the-middle\nattacker could use this flaw to prefix arbitrary plain text to a client's\nsession (for example, an HTTPS connection to a website). This could force\nthe server to process an attacker's request as if authenticated using the\nvictim's credentials. (CVE-2009-3555)\n\nThis update provides a mitigation for this flaw in the following\ncomponents:\n\ntomcat5 and tomcat6: A new attribute, allowUnsafeLegacyRenegotiation, is\navailable for the blocking IO (BIO) connector using JSSE, to enable or\ndisable TLS session renegotiation. The default value is \"false\", meaning\nsession renegotiation, both client- and server-initiated, is disabled by\ndefault.\n\ntomcat-native: Client-initiated renegotiation is now rejected by the native\nconnector. Server-initiated renegotiation is still allowed.\n\nRefer to the following Knowledgebase article for additional details about\nthe CVE-2009-3555 flaw: http://kbase.redhat.com/faq/docs/DOC-20491\n\nAll users of JBoss Enterprise Web Server 1.0.0 on Red Hat Enterprise Linux\n4 and 5 are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0119", url: "https://access.redhat.com/errata/RHSA-2010:0119", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "http://kbase.redhat.com/faq/docs/DOC-20491", url: "http://kbase.redhat.com/faq/docs/DOC-20491", }, { category: "external", summary: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", url: "http://www.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0.1/html-single/Release_Notes/index.html", }, { category: "external", summary: "533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "558872", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558872", }, { category: "external", summary: "558873", url: "https://bugzilla.redhat.com/show_bug.cgi?id=558873", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0119.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update", tracking: { current_release_date: "2024-11-22T03:34:15+00:00", generator: { date: "2024-11-22T03:34:15+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0119", initial_release_date: "2010-02-23T20:20:00+00:00", revision_history: [ { date: "2010-02-23T20:20:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-02-23T15:20:08+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:15+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product: { name: "Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el4", }, }, }, { category: "product_name", name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product: { name: "Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_server:1::el5", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Server", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.ep5.el4.src", product: { name: "mod_jk-0:1.2.28-4.ep5.el4.src", product_id: "mod_jk-0:1.2.28-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_id: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee@5.0.1-2.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.src", product: { name: "struts12-0:1.2.9-2.ep5.el4.src", product_id: "struts12-0:1.2.9-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=src&epoch=1", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.src", product: { name: "httpd22-0:2.2.14-4.ep5.el4.src", product_id: "httpd22-0:2.2.14-4.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.src", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.src", product_id: "tomcat6-0:6.0.24-2.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.src", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.src", product_id: "tomcat5-0:5.5.28-7.ep5.el4.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_id: "mod_jk-0:1.2.28-4.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk@1.2.28-4.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.src", product: { name: "struts12-0:1.2.9-2.ep5.el5.src", product_id: "struts12-0:1.2.9-2.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=src", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_id: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-validator@1.3.1-7.4.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_id: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.9.1-2.2_patch_01.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_id: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-digester@1.8.1-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_id: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-modeler@2.0-3.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_id: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-javaee-poms@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_id: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jboss-transaction-1.0.1-api@5.0.1-2.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_id: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3jpp.ep1.3.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el4.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el4.noarch", product_id: "struts12-0:1.2.9-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_id: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_id: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver12@1.2-1.1.ep5.el4?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.ep5.el4?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_id: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-chain@1.2-2.1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_id: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-oro@2.0.8-3.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "struts12-0:1.2.9-2.ep5.el5.noarch", product: { name: "struts12-0:1.2.9-2.ep5.el5.noarch", product_id: "struts12-0:1.2.9-2.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/struts12@1.2.9-2.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_id: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jsf@1.2_13-3.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_id: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-io@1.4-1.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-lib@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-log4j@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_id: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-2.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-eclipse@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-parent@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_id: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.28-7.1.ep5.el5?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=x86_64", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_id: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-debuginfo@1.2.28-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native-debuginfo@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_id: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-util@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-debuginfo@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-manual@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_id: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd22-apr-devel@2.2.14-4.ep5.el4?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_id: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl22@2.2.14-4.ep5.el4?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_id: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_ssl@2.2.14-1.2.1.ep5.el5?arch=i386&epoch=1", }, }, }, { category: "product_version", name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-manual@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_id: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/httpd-devel@2.2.14-1.2.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-ap20@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_id: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/mod_jk-manual@1.2.28-4.1.ep5.el5?arch=i386", }, }, }, { category: "product_version", name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_id: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat-native@1.1.19-2.0.1.ep5.el5?arch=i386", }, }, }, ], category: "architecture", name: "i386", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 AS", product_id: "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4AS-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", }, product_reference: "glassfish-jsf-0:1.2_13-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", }, product_reference: "httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", }, product_reference: "jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", }, product_reference: "jakarta-commons-io-0:1.4-1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", }, product_reference: "jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", }, product_reference: "jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", }, product_reference: "jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", }, product_reference: "jboss-javaee-0:5.0.1-2.3.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", }, product_reference: "jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", }, product_reference: "mod_jk-0:1.2.28-4.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", }, product_reference: "mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64 as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", }, product_reference: "tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", }, product_reference: "tomcat5-0:5.5.28-7.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", }, product_reference: "tomcat6-0:6.0.24-2.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", }, product_reference: "xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src as a component of Red Hat JBoss Web Server 1.0 for RHEL 4 ES", product_id: "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", }, product_reference: "xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", relates_to_product_reference: "4ES-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "glassfish-jsf-0:1.2_13-3.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", }, product_reference: "glassfish-jsf-0:1.2_13-3.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", }, product_reference: "jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", }, product_reference: "jakarta-commons-io-0:1.4-1.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", }, product_reference: "jakarta-oro-0:2.0.8-3.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-0:1.2.28-4.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", }, product_reference: "mod_jk-0:1.2.28-4.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", }, product_reference: "mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", }, product_reference: "mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "struts12-0:1.2.9-2.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", }, product_reference: "struts12-0:1.2.9-2.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64 as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", }, product_reference: "tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.28-7.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", }, product_reference: "tomcat5-0:5.5.28-7.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", }, product_reference: "tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-0:6.0.24-2.1.ep5.el5.src as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", }, product_reference: "tomcat6-0:6.0.24-2.1.ep5.el5.src", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, { category: "default_component_of", full_product_name: { name: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server", product_id: "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", }, product_reference: "tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", relates_to_product_reference: "5Server-JBEWS-5.0.0", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2009-3555", cwe: { id: "CWE-300", name: "Channel Accessible by Non-Endpoint", }, discovery_date: "2009-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "533125", }, ], notes: [ { category: "description", text: "The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a \"plaintext injection\" attack, aka the \"Project Mogul\" issue.", title: "Vulnerability description", }, { category: "summary", text: "TLS: MITM attacks via session renegotiation", title: "Vulnerability summary", }, { category: "other", text: "Additional information can be found in the Red Hat Knowledgebase article:\nhttps://access.redhat.com/articles/20490", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-3555", }, { category: "external", summary: "RHBZ#533125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=533125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-3555", url: "https://www.cve.org/CVERecord?id=CVE-2009-3555", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", }, ], release_date: "2009-11-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "TLS: MITM attacks via session renegotiation", }, { cve: "CVE-2010-2086", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2010-05-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "598164", }, ], notes: [ { category: "description", text: "Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.", title: "Vulnerability description", }, { category: "summary", text: "MyFaces: XSS via state view", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2086", }, { category: "external", summary: "RHBZ#598164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=598164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2086", url: "https://www.cve.org/CVERecord?id=CVE-2010-2086", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2086", }, ], release_date: "2010-02-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-02-23T20:20:00+00:00", details: "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0119", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, products: [ "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4AS-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4AS-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4AS-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4AS-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4AS-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4AS-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4AS-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-2.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.src", "4ES-JBEWS-5.0.0:httpd22-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-apr-util-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-debuginfo-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-devel-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:httpd22-manual-0:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-digester-0:1.8.1-7.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-modeler-0:2.0-3.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-commons-validator-0:1.3.1-7.4.ep5.el4.src", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3jpp.ep1.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-0:5.0.1-2.3.ep5.el4.src", "4ES-JBEWS-5.0.0:jboss-javaee-poms-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:jboss-transaction-1.0.1-api-0:5.0.1-2.3.ep5.el4.noarch", "4ES-JBEWS-5.0.0:mod_jk-0:1.2.28-4.ep5.el4.src", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-debuginfo-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.i386", "4ES-JBEWS-5.0.0:mod_ssl22-1:2.2.14-4.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.i386", "4ES-JBEWS-5.0.0:tomcat-native-debuginfo-0:1.1.19-2.0.ep5.el4.x86_64", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-0:5.5.28-7.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-0:6.0.24-2.ep5.el4.src", "4ES-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xerces-j2-0:2.9.1-2.2_patch_01.ep5.el4.src", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.noarch", "4ES-JBEWS-5.0.0:xml-commons-resolver12-1:1.2-1.1.ep5.el4.src", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.noarch", "5Server-JBEWS-5.0.0:glassfish-jsf-0:1.2_13-3.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:httpd-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-devel-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:httpd-manual-0:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-chain-0:1.2-2.1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-commons-io-0:1.4-1.1.ep5.el5.src", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:jakarta-oro-0:2.0.8-3.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-0:1.2.28-4.1.ep5.el5.src", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-ap20-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_jk-manual-0:1.2.28-4.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:mod_ssl-1:2.2.14-1.2.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.noarch", "5Server-JBEWS-5.0.0:struts12-0:1.2.9-2.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.i386", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat-native-0:1.1.19-2.0.1.ep5.el5.x86_64", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-0:5.5.28-7.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat5-admin-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-common-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-eclipse-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jasper-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-jsp-2.0-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-parent-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-server-lib-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-servlet-2.4-api-javadoc-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat5-webapps-0:5.5.28-7.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-0:6.0.24-2.1.ep5.el5.src", "5Server-JBEWS-5.0.0:tomcat6-admin-webapps-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-docs-webapp-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-el-1.0-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-javadoc-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-jsp-2.1-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-lib-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-log4j-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-servlet-2.5-api-0:6.0.24-2.1.ep5.el5.noarch", "5Server-JBEWS-5.0.0:tomcat6-webapps-0:6.0.24-2.1.ep5.el5.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "MyFaces: XSS via state view", }, ], }
rhsa-2010:0582
Vulnerability from csaf_redhat
Published
2010-08-02 20:17
Modified
2024-11-22 03:34
Summary
Red Hat Security Advisory: tomcat5 security update
Notes
Topic
Updated tomcat5 packages that fix three security issues are now available
for Red Hat Application Server v2.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
A flaw was found in the way Tomcat handled the Transfer-Encoding header in
HTTP requests. A specially-crafted HTTP request could prevent Tomcat from
sending replies, or cause Tomcat to return truncated replies, or replies
containing data related to the requests of other users, for all subsequent
HTTP requests. (CVE-2010-2227)
Two directory traversal flaws were found in the Tomcat deployment process.
A specially-crafted WAR file could, when deployed, cause a file to be
created outside of the web root into any directory writable by the Tomcat
user, or could lead to the deletion of files in the Tomcat host's work
directory. (CVE-2009-2693, CVE-2009-2902)
Users of Tomcat should upgrade to these updated packages, which contain
backported patches to resolve these issues. Tomcat must be restarted for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated tomcat5 packages that fix three security issues are now available\nfor Red Hat Application Server v2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nA flaw was found in the way Tomcat handled the Transfer-Encoding header in\nHTTP requests. A specially-crafted HTTP request could prevent Tomcat from\nsending replies, or cause Tomcat to return truncated replies, or replies\ncontaining data related to the requests of other users, for all subsequent\nHTTP requests. (CVE-2010-2227)\n\nTwo directory traversal flaws were found in the Tomcat deployment process.\nA specially-crafted WAR file could, when deployed, cause a file to be\ncreated outside of the web root into any directory writable by the Tomcat\nuser, or could lead to the deletion of files in the Tomcat host's work\ndirectory. (CVE-2009-2693, CVE-2009-2902)\n\nUsers of Tomcat should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Tomcat must be restarted for\nthis update to take effect.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2010:0582", url: "https://access.redhat.com/errata/RHSA-2010:0582", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "http://tomcat.apache.org/security-5.html", url: "http://tomcat.apache.org/security-5.html", }, { category: "external", summary: "559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0582.json", }, ], title: "Red Hat Security Advisory: tomcat5 security update", tracking: { current_release_date: "2024-11-22T03:34:28+00:00", generator: { date: "2024-11-22T03:34:28+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2010:0582", initial_release_date: "2010-08-02T20:17:00+00:00", revision_history: [ { date: "2010-08-02T20:17:00+00:00", number: "1", summary: "Initial version", }, { date: "2010-08-02T16:17:44+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T03:34:28+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Application Server v2 4AS", product: { name: "Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4ES", product: { name: "Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, { category: "product_name", name: "Red Hat Application Server v2 4WS", product: { name: "Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_application_server:2", }, }, }, ], category: "product_family", name: "Red Hat Application Server", }, { branches: [ { category: "product_version", name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-server-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-admin-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-webapps@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-servlet-2.4-api@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-common-lib@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jsp-2.0-api-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, { category: "product_version", name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_id: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5-jasper-javadoc@5.5.23-0jpp_4rh.17?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_id: "tomcat5-0:5.5.23-0jpp_4rh.17.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcat5@5.5.23-0jpp_4rh.17?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4AS", product_id: "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4AS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4ES", product_id: "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4ES-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-0:5.5.23-0jpp_4rh.17.src as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", }, product_reference: "tomcat5-0:5.5.23-0jpp_4rh.17.src", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, { category: "default_component_of", full_product_name: { name: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch as a component of Red Hat Application Server v2 4WS", product_id: "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", }, product_reference: "tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", relates_to_product_reference: "4WS-RHAPS2", }, ], }, vulnerabilities: [ { cve: "CVE-2009-2693", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559738", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion and/or alteration", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2693", }, { category: "external", summary: "RHBZ#559738", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559738", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2693", url: "https://www.cve.org/CVERecord?id=CVE-2009-2693", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion and/or alteration", }, { cve: "CVE-2009-2902", discovery_date: "2010-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "559761", }, ], notes: [ { category: "description", text: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: unexpected file deletion in work directory", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2009-2902", }, { category: "external", summary: "RHBZ#559761", url: "https://bugzilla.redhat.com/show_bug.cgi?id=559761", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2009-2902", url: "https://www.cve.org/CVERecord?id=CVE-2009-2902", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2902", }, ], release_date: "2010-01-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: unexpected file deletion in work directory", }, { cve: "CVE-2010-2227", discovery_date: "2010-07-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "612799", }, ], notes: [ { category: "description", text: "Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with \"recycling of a buffer.\"", title: "Vulnerability description", }, { category: "summary", text: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2010-2227", }, { category: "external", summary: "RHBZ#612799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=612799", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2010-2227", url: "https://www.cve.org/CVERecord?id=CVE-2010-2227", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", url: "https://nvd.nist.gov/vuln/detail/CVE-2010-2227", }, ], release_date: "2010-07-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2010-08-02T20:17:00+00:00", details: "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", product_ids: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2010:0582", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, products: [ "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4AS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4AS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4ES-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4ES-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-0:5.5.23-0jpp_4rh.17.src", "4WS-RHAPS2:tomcat5-admin-webapps-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-common-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jasper-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-jsp-2.0-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-server-lib-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-servlet-2.4-api-javadoc-0:5.5.23-0jpp_4rh.17.noarch", "4WS-RHAPS2:tomcat5-webapps-0:5.5.23-0jpp_4rh.17.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header", }, ], }
fkie_cve-2009-2693
Vulnerability from fkie_nvd
Published
2010-01-28 20:30
Modified
2024-11-21 01:05
Severity ?
Summary
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "EB203AEC-2A94-48CA-A0E0-B5A8EBF028B5", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "6E98B82A-22E5-4E6C-90AE-56F5780EA147", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "34672E90-C220-436B-9143-480941227933", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "92883AFA-A02F-41A5-9977-ABEAC8AD2970", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "989A78F8-EE92-465F-8A8D-ECF0B58AFE7A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "1F5B6627-B4A4-4E2D-B96C-CA37CCC8C804", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "ACFB09F3-32D1-479C-8C39-D7329D9A6623", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "D56581E2-9ECD-426A-96D8-A9D958900AD2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", matchCriteriaId: "717F6995-5AF0-484C-90C0-A82F25FD2E32", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", matchCriteriaId: "5B0C01D5-773F-469C-9E69-170C2844AAA4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", matchCriteriaId: "EB03FDFB-4DBF-4B70-BFA3-570D1DE67695", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", matchCriteriaId: "9F5CF79C-759B-4FF9-90EE-847264059E93", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*", matchCriteriaId: "357651FD-392E-4775-BF20-37A23B3ABAE4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*", matchCriteriaId: "585B9476-6B86-4809-9B9E-26112114CB59", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*", matchCriteriaId: "6145036D-4FCE-4EBE-A137-BDFA69BA54F8", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*", matchCriteriaId: "E437055A-0A81-413F-AB08-0E9D0DC9EA30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*", matchCriteriaId: "9276A093-9C98-4617-9941-2276995F5848", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*", matchCriteriaId: "97C9C36C-EF7E-4D42-9749-E2FF6CE35A2E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*", matchCriteriaId: "C98575E2-E39A-4A8F-B5B5-BD280B8367BC", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*", matchCriteriaId: "5BDA08E7-A417-44E8-9C89-EB22BEEC3B9E", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*", matchCriteriaId: "DCD1B6BE-CF07-4DA8-A703-4A48506C8AD6", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*", matchCriteriaId: "5878E08E-2741-4798-94E9-BA8E07386B12", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*", matchCriteriaId: "69F6BAB7-C099-4345-A632-7287AEA555B2", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*", matchCriteriaId: "F3AAF031-D16B-4D51-9581-2D1376A5157B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*", matchCriteriaId: "51120689-F5C0-4DF1-91AA-314C40A46C58", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*", matchCriteriaId: "F67477AB-85F6-421C-9C0B-C8EFB1B200CF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*", matchCriteriaId: "16D0C265-2ED9-42CF-A7D6-C7FAE4246A1B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*", matchCriteriaId: "5D70CFD9-B55D-4A29-B94C-D33F3E881A8F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*", matchCriteriaId: "C1195878-CCC9-49BC-9AC7-1F88F0DFAB82", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*", matchCriteriaId: "D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", matchCriteriaId: "49E3C039-A949-4F1B-892A-57147EECB249", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "F28C7801-41B9-4552-BA1E-577967BCBBEE", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "25B21085-7259-4685-9D1F-FF98E6489E10", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "635EE321-2A1F-4FF8-95BE-0C26591969D9", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", matchCriteriaId: "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", matchCriteriaId: "9C95ADA4-66F5-45C4-A677-ACE22367A75A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", matchCriteriaId: "11951A10-39A2-4FF5-8C43-DF94730FB794", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", matchCriteriaId: "351E5BCF-A56B-4D91-BA3C-21A4B77D529A", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", matchCriteriaId: "2DC2BBB4-171E-4EFF-A575-A5B7FF031755", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", matchCriteriaId: "6B6B0504-27C1-4824-A928-A878CBBAB32D", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", matchCriteriaId: "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", matchCriteriaId: "D903956B-14F5-4177-AF12-0A5F1846D3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", matchCriteriaId: "81F847DC-A2F5-456C-9038-16A0E85F4C3B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", matchCriteriaId: "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", matchCriteriaId: "C6B93A3A-D487-4CA1-8257-26F8FE287B8B", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", matchCriteriaId: "BD8802B2-57E0-4AA6-BC8E-00DE60468569", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", matchCriteriaId: "8461DF95-18DC-4BF5-A703-7F19DA88DC30", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", matchCriteriaId: "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", }, { lang: "es", value: "Vulnerabilidad de salto de directorio en Apache Tomcat v5.5.0 a la v5.5.28 y v6.0.0 a la v6.0.20, permite a atacantes remotos crear, sobrescribir archivos de su elección a través de .. (punto punto) en una entrada en un archivo WAR, como se demostró con la entrada ../../bin/catalina.bat.", }, ], id: "CVE-2009-2693", lastModified: "2024-11-21T01:05:31.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-01-28T20:30:01.167", references: [ { source: "cve@mitre.org", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { source: "cve@mitre.org", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { source: "cve@mitre.org", url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38316", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38346", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38541", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/38687", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/39317", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/40330", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/40813", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/43310", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/57126", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1023505", }, { source: "cve@mitre.org", url: "http://support.apple.com/kb/HT4077", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { source: "cve@mitre.org", url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-5.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { source: "cve@mitre.org", url: "http://ubuntu.com/usn/usn-899-1", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2011/dsa-2207", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { source: "cve@mitre.org", url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/37944", }, { source: "cve@mitre.org", url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { source: "cve@mitre.org", url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2010/0213", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/1559", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2010/1986", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { source: "cve@mitre.org", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38346", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38541", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/38687", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/39317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/40330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/40813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/43310", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/57126", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1023505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://support.apple.com/kb/HT4077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-5.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ubuntu.com/usn/usn-899-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2011/dsa-2207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/37944", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2010/0213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/1559", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/1986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2693\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\n\nThis issue has been addressed in JBoss Enterprise Web Server 1.0.1: https://rhn.redhat.com/errata/RHSA-2010-0119.html", lastModified: "2010-03-02T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-ggx9-4728-588r
Vulnerability from github
Published
2022-05-02 03:37
Modified
2024-02-21 16:44
Summary
Apache Tomcat Directory Traversal vulnerability
Details
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 5.5.28", }, package: { ecosystem: "Maven", name: "org.apache.tomcat:tomcat", }, ranges: [ { events: [ { introduced: "5.5.0", }, { fixed: "5.5.29", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Maven", name: "org.apache.tomcat:tomcat", }, ranges: [ { events: [ { introduced: "6.0.0", }, { fixed: "6.0.24", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2009-2693", ], database_specific: { cwe_ids: [ "CWE-22", ], github_reviewed: true, github_reviewed_at: "2024-02-08T21:29:22Z", nvd_published_at: "2010-01-28T20:30:00Z", severity: "MODERATE", }, details: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a `..` (dot dot) in an entry in a WAR file, as demonstrated by a `../../bin/catalina.bat` entry.", id: "GHSA-ggx9-4728-588r", modified: "2024-02-21T16:44:38Z", published: "2022-05-02T03:37:48Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2009-2693", }, { type: "WEB", url: "https://github.com/apache/tomcat/commit/3e1010b1a2f648581fac3d68afbf18f2979f6bf6", }, { type: "WEB", url: "https://github.com/apache/tomcat55/commit/0299cb724ea71f304d54adfcdb950f59b01fb421", }, { type: "WEB", url: "https://web.archive.org/web/20201206235536/http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { type: "WEB", url: "https://web.archive.org/web/20200516121700/http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { type: "WEB", url: "https://web.archive.org/web/20200229071135/http://www.securityfocus.com/bid/37944", }, { type: "WEB", url: "https://support.hpe.com/hpesc/public/docDisplay?docId=c02241113", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7017", }, { type: "WEB", url: "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:19355", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", }, { type: "WEB", url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", }, { type: "PACKAGE", url: "https://github.com/apache/tomcat", }, { type: "WEB", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2010:0582", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2010:0580", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2010:0119", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { type: "WEB", url: "http://support.apple.com/kb/HT4077", }, { type: "WEB", url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { type: "WEB", url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { type: "WEB", url: "http://tomcat.apache.org/security-5.html", }, { type: "WEB", url: "http://tomcat.apache.org/security-6.html", }, { type: "WEB", url: "http://ubuntu.com/usn/usn-899-1", }, { type: "WEB", url: "http://www.debian.org/security/2011/dsa-2207", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { type: "WEB", url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { type: "WEB", url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, ], schema_version: "1.4.0", severity: [], summary: "Apache Tomcat Directory Traversal vulnerability", }
gsd-2009-2693
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.
Aliases
Aliases
{ GSD: { alias: "CVE-2009-2693", description: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", id: "GSD-2009-2693", references: [ "https://www.suse.com/security/cve/CVE-2009-2693.html", "https://www.debian.org/security/2011/dsa-2207", "https://access.redhat.com/errata/RHSA-2010:0693", "https://access.redhat.com/errata/RHSA-2010:0582", "https://access.redhat.com/errata/RHSA-2010:0580", "https://access.redhat.com/errata/RHSA-2010:0119", "https://linux.oracle.com/cve/CVE-2009-2693.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2009-2693", ], details: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", id: "GSD-2009-2693", modified: "2023-12-13T01:19:46.292580Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-2693", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "HPSBUX02541", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "HPSBMA02535", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "http://svn.apache.org/viewvc?rev=892815&view=rev", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { name: "39317", refsource: "SECUNIA", url: "http://secunia.com/advisories/39317", }, { name: "DSA-2207", refsource: "DEBIAN", url: "http://www.debian.org/security/2011/dsa-2207", }, { name: "openSUSE-SU-2012:1700", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { name: "HPSBUX02860", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "40330", refsource: "SECUNIA", url: "http://secunia.com/advisories/40330", }, { name: "MDVSA-2010:177", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { name: "1023505", refsource: "SECTRACK", url: "http://securitytracker.com/id?1023505", }, { name: "43310", refsource: "SECUNIA", url: "http://secunia.com/advisories/43310", }, { name: "tomcat-war-directory-traversal(55855)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { name: "SSRT100029", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "ADV-2010-1559", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1559", }, { name: "APPLE-SA-2010-03-29-1", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { name: "HPSBOV02762", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "37944", refsource: "BID", url: "http://www.securityfocus.com/bid/37944", }, { name: "ADV-2010-1986", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1986", }, { name: "RHSA-2010:0580", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { name: "oval:org.mitre.oval:def:7017", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { name: "40813", refsource: "SECUNIA", url: "http://secunia.com/advisories/40813", }, { name: "38541", refsource: "SECUNIA", url: "http://secunia.com/advisories/38541", }, { name: "MDVSA-2010:176", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-6.html", }, { name: "57126", refsource: "SECUNIA", url: "http://secunia.com/advisories/57126", }, { name: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", refsource: "CONFIRM", url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { name: "20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { name: "USN-899-1", refsource: "UBUNTU", url: "http://ubuntu.com/usn/usn-899-1", }, { name: "http://support.apple.com/kb/HT4077", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT4077", }, { name: "SUSE-SR:2010:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { name: "openSUSE-SU-2013:0147", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { name: "38687", refsource: "SECUNIA", url: "http://secunia.com/advisories/38687", }, { name: "38346", refsource: "SECUNIA", url: "http://secunia.com/advisories/38346", }, { name: "SSRT100825", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "http://tomcat.apache.org/security-5.html", refsource: "CONFIRM", url: "http://tomcat.apache.org/security-5.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", refsource: "CONFIRM", url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { name: "RHSA-2010:0119", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { name: "RHSA-2010:0582", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { name: "oval:org.mitre.oval:def:19355", refsource: "OVAL", url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { name: "SSRT101146", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "38316", refsource: "SECUNIA", url: "http://secunia.com/advisories/38316", }, { name: "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { name: "ADV-2010-0213", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/0213", }, { name: "HPSBST02955", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { name: "SSRT100145", refsource: "HP", url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "http://svn.apache.org/viewvc?rev=902650&view=rev", refsource: "CONFIRM", url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { name: "openSUSE-SU-2012:1701", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-2693", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-22", }, ], }, ], }, references: { reference_data: [ { name: "http://svn.apache.org/viewvc?rev=892815&view=rev", refsource: "CONFIRM", tags: [ "Patch", ], url: "http://svn.apache.org/viewvc?rev=892815&view=rev", }, { name: "1023505", refsource: "SECTRACK", tags: [], url: "http://securitytracker.com/id?1023505", }, { name: "ADV-2010-0213", refsource: "VUPEN", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2010/0213", }, { name: "http://svn.apache.org/viewvc?rev=902650&view=rev", refsource: "CONFIRM", tags: [], url: "http://svn.apache.org/viewvc?rev=902650&view=rev", }, { name: "38316", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38316", }, { name: "38346", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38346", }, { name: "http://tomcat.apache.org/security-6.html", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-6.html", }, { name: "http://tomcat.apache.org/security-5.html", refsource: "CONFIRM", tags: [ "Patch", "Vendor Advisory", ], url: "http://tomcat.apache.org/security-5.html", }, { name: "37944", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/37944", }, { name: "38541", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/38541", }, { name: "USN-899-1", refsource: "UBUNTU", tags: [], url: "http://ubuntu.com/usn/usn-899-1", }, { name: "38687", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/38687", }, { name: "RHSA-2010:0119", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2010-0119.html", }, { name: "http://support.apple.com/kb/HT4077", refsource: "CONFIRM", tags: [], url: "http://support.apple.com/kb/HT4077", }, { name: "APPLE-SA-2010-03-29-1", refsource: "APPLE", tags: [], url: "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html", }, { name: "SUSE-SR:2010:008", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", }, { name: "39317", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/39317", }, { name: "40330", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/40330", }, { name: "ADV-2010-1559", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2010/1559", }, { name: "HPSBUX02541", refsource: "HP", tags: [], url: "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113", }, { name: "40813", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/40813", }, { name: "RHSA-2010:0580", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2010-0580.html", }, { name: "ADV-2010-1986", refsource: "VUPEN", tags: [], url: "http://www.vupen.com/english/advisories/2010/1986", }, { name: "RHSA-2010:0582", refsource: "REDHAT", tags: [], url: "http://www.redhat.com/support/errata/RHSA-2010-0582.html", }, { name: "MDVSA-2010:176", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:176", }, { name: "MDVSA-2010:177", refsource: "MANDRIVA", tags: [], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:177", }, { name: "43310", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/43310", }, { name: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", refsource: "CONFIRM", tags: [], url: "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", }, { name: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", refsource: "CONFIRM", tags: [], url: "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", }, { name: "DSA-2207", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2011/dsa-2207", }, { name: "openSUSE-SU-2012:1700", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", }, { name: "openSUSE-SU-2012:1701", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", }, { name: "openSUSE-SU-2013:0147", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", }, { name: "HPSBUX02860", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=136485229118404&w=2", }, { name: "HPSBST02955", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=139344343412337&w=2", }, { name: "57126", refsource: "SECUNIA", tags: [], url: "http://secunia.com/advisories/57126", }, { name: "HPSBOV02762", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=133469267822771&w=2", }, { name: "HPSBMA02535", refsource: "HP", tags: [], url: "http://marc.info/?l=bugtraq&m=127420533226623&w=2", }, { name: "tomcat-war-directory-traversal(55855)", refsource: "XF", tags: [], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/55855", }, { name: "oval:org.mitre.oval:def:7017", refsource: "OVAL", tags: [], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7017", }, { name: "oval:org.mitre.oval:def:19355", refsource: "OVAL", tags: [], url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19355", }, { name: "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/516397/100/0/threaded", }, { name: "20100124 [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration", refsource: "BUGTRAQ", tags: [], url: "http://www.securityfocus.com/archive/1/509148/100/0/threaded", }, { name: "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E", }, { name: "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/", refsource: "MLIST", tags: [], url: "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2019-03-25T11:30Z", publishedDate: "2010-01-28T20:30Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.