Re: CVE-2011-2729

2011-08-16 Thread Randal Bankman
From: Mark Thomas
To: Tomcat Users List
Sent: Tuesday, August 16, 2011 12:03 PM
Subject: Re: CVE-2011-2729

On 16/08/2011 17:01, Mladen Turk wrote:
> On 08/16/2011 05:59 PM, Mark Thomas wrote:
>> On 16/08/2011 16:56, Randal Bankman wrote:
>

Re: CVE-2011-2729

2011-08-16 Thread Mark Thomas
On 16/08/2011 17:01, Mladen Turk wrote:
> On 08/16/2011 05:59 PM, Mark Thomas wrote:
>> On 16/08/2011 16:56, Randal Bankman wrote:
>>> Greetings,
>>> A recent update to Tomcat (7.0.20) notes the vulnerability affects
>>> Linux. I wanted to ask if that is Linux and only Linux or does it
>>> inc

Re: CVE-2011-2729

2011-08-16 Thread Mladen Turk
On 08/16/2011 05:59 PM, Mark Thomas wrote:
> On 16/08/2011 16:56, Randal Bankman wrote:
>> Greetings,
>> A recent update to Tomcat (7.0.20) notes the vulnerability affects Linux. I wanted to ask if that is Linux and only Linux or does it include other Unix-like system (or even Unix proper)?
> It app

Re: CVE-2011-2729

2011-08-16 Thread Mark Thomas
On 16/08/2011 16:56, Randal Bankman wrote:
> Greetings,
>
>
> A recent update to Tomcat (7.0.20) notes the vulnerability affects Linux. I
> wanted to ask if that is Linux and only Linux or does it include other
> Unix-like system (or even Unix proper)?

It applies to any OS that uses jsvc, which

CVE-2011-2729

2011-08-16 Thread Randal Bankman
Greetings,

A recent update to Tomcat (7.0.20) notes the vulnerability affects Linux. I wanted to ask if that is Linux and only Linux or does it include other Unix-like system (or even Unix proper)?

Thanks!
Randal

[SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)

2011-08-12 Thread Mark Thomas
CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Tomcat 7.0.0 to 7.0.19
Tomcat 6.0.30 to 6.0.32
Tomcat 5.5.32 to 5.5.33

Description:
Due to a bug in the capabilities code, jsvc (the service