Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-3846

JBWEB-163: CVE-2009-2901, CVE-2009-2902

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Major Major
    • EAP_EWP 5.1.0
    • None
    • Web
    • None
    • Release Notes
    • Hide
      SHORT DESCRIPTION:
              Provide fix for JBWEB-163.
      LONG DESCRIPTION:
              Patch for CVE-2009-2901, CVE-2009-2902.
      MANUAL INSTALL INSTRUCTIONS:
              Replace the existing %JBOSS_HOME%/server/%JBOSSCONF%/jbossweb.sar/jbossweb.jar with the new jbossweb.jar
      COMPATIBILITY:
             5.0.1.GA
      SUPERSEDES:
              N/A
      CREATOR:
              Mike Millson
      DATE:
              5-March-2010
      Show
      SHORT DESCRIPTION:         Provide fix for JBWEB-163. LONG DESCRIPTION:         Patch for CVE-2009-2901, CVE-2009-2902. MANUAL INSTALL INSTRUCTIONS:         Replace the existing %JBOSS_HOME%/server/%JBOSSCONF%/jbossweb.sar/jbossweb.jar with the new jbossweb.jar COMPATIBILITY:        5.0.1.GA SUPERSEDES:         N/A CREATOR:         Mike Millson DATE:         5-March-2010

      CVE-2009-2901 tomcat: insecure partial deploy after failed undeploy
      CVE-2009-2902 tomcat: unexpected file deletion in work directory

              rhn-support-mmillson Michael Millson
              rhn-support-mmillson Michael Millson
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: