Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1354585 - tomcat-7.0.65-1.el6 possible affected by CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2015-5346, CVE-2015-5351
Summary: tomcat-7.0.65-1.el6 possible affected by CVE-2015-5345, CVE-2016-0706, CVE-20...
Keywords:
Status: CLOSED DUPLICATE of bug 1352009
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: tomcat
Version: el6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Ivan Afonichev
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-07-11 15:58 UTC by Nate Woodward
Modified: 2016-07-11 16:11 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-11 16:11:56 UTC


Attachments (Terms of Use)

Description Nate Woodward 2016-07-11 15:58:08 UTC
Description of problem:

The version of tomcat in the EPEL repository predates several CVEs, listed below. Are there any plans to package a newer version of tomcat for EPEL?

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5345

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0706

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0714

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5346

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5351


Version-Release number of selected component (if applicable):

7.0.65-1.el6

Comment 1 Coty Sutherland 2016-07-11 16:11:56 UTC

*** This bug has been marked as a duplicate of bug 1352009 ***


Note You need to log in before you can comment on or make changes to this bug.