Jeff Lord created HDFS-4323:
-------------------------------

             Summary: HttpFS is using Tomcat 6.0.32 which has numerous 
vulnerabilities
                 Key: HDFS-4323
                 URL: https://issues.apache.org/jira/browse/HDFS-4323
             Project: Hadoop HDFS
          Issue Type: Bug
    Affects Versions: 2.0.2-alpha
            Reporter: Jeff Lord


Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5064 5.0 Fail 
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5063 5.0 Fail      
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-1184 5.0 Fail      
Apache Tomcat DIGEST Vulnerabilities Medium CVE-2011-5062 5.0 Fail      

Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2204 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2526 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2481 5.0 Fail 
Apache Tomcat Multiple Vulnerabilities (201108) Medium CVE-2011-2729 5.0 Fail 

Apache Tomcat Request Object Information Disclosure (20111001) Medium 
CVE-2011-3375 5.0 Fail

All of these have been fixed in subsequent release of Tomcat.
http://tomcat.apache.org/security-6.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to