Title:
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+bug/341278/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https
Jaunty is EOL.
** Changed in: tomcat5.5 (Ubuntu Jaunty)
Status: Confirmed = Won't Fix
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
https://bugs.launchpad.net/bugs/341278
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in
Marking parent task as Won't Fix since it tracks Jaunty, but leaving
Hardy. On Hardy, this package is in universe and is community supported.
If someone is able, perhaps you could prepare debdiffs to fix this by
following https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures.
** Changed in:
Intrepid Ibex reached end-of-life on 30 April 2010 so I am closing the
report. The bug is still marked as confirmed in later versions of Ubuntu.
** Changed in: tomcat5.5 (Ubuntu Intrepid)
Status: Confirmed = Invalid
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
** Branch linked: lp:ubuntu/jaunty-security/tomcat6
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
https://bugs.launchpad.net/bugs/341278
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in ubuntu.
--
Ubuntu-server-bugs mailing
** Changed in: tomcat6 (Ubuntu)
Status: Confirmed = Fix Released
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
https://bugs.launchpad.net/bugs/341278
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in ubuntu.
--
** Bug watch added: Debian Bug tracker #532362
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532362
** Also affects: tomcat6 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532362
Importance: Unknown
Status: Unknown
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
This bug was fixed in the package tomcat6 - 6.0.18-0ubuntu3.2
---
tomcat6 (6.0.18-0ubuntu3.2) intrepid-security; urgency=low
* SECURITY UPDATE: security bypass via specially crafted request
- debian/patches/security-CVE-2008-5515.patch: use only a single
normalise
This bug was fixed in the package tomcat6 - 6.0.18-0ubuntu6.1
---
tomcat6 (6.0.18-0ubuntu6.1) jaunty-security; urgency=low
* SECURITY UPDATE: security bypass via specially crafted request
- debian/patches/security-CVE-2008-5515.patch: use only a single
normalise
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0781
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
https://bugs.launchpad.net/bugs/341278
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in ubuntu.
--
The 18 month support period for Gutsy Gibbon 7.10 has reached its end of life -
http://www.ubuntu.com/news/ubuntu-7.10-eol . As a result, we are closing the
Gutsy task.
** Changed in: tomcat5.5 (Ubuntu Gutsy)
Status: Confirmed = Won't Fix
--
CVE-2009-0781: XSS in tomcat6 and tomcat5.5
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: tomcat6
PublicDate: 2009-03-09
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
Description:
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the
calendar
12 matches
Mail list logo