RedHat Security Advisory RHSA-2009:1563

The remote host is missing updates announced in advisory RHSA-2009:1563. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not address all possible flaws in the way Tomcat handle...

RedHat Security Advisory RHSA-2009:1562

The remote host is missing updates announced in advisory RHSA-2009:1562. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not address all possible flaws in the way Tomcat handle...

Fedora Core 10 FEDORA-2009-11029 (expat)

The remote host is missing an update to expat announced via advisory FEDORA-2009-11029. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

RedHat Security Advisory RHSA-2009:1562

The remote host is missing updates announced in advisory RHSA-2009:1562. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not address all possible flaws in the way Tomcat handle...

Moderate: Red Hat Security Advisory: 4Suite security update

An updated 4Suite package that fixes one security issue is now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The 4Suite package contains XML-related tools and libraries for Python, including 4DO...

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

Important: Red Hat Security Advisory: tomcat security update

Updated tomcat packages that fix several security issues are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

[SECURITY] Fedora 11 Update: PyXML-0.8.4-16.fc11

An XML package for Python. The distribution contains a validating XML parser, an implementation of the SAX and DOM programming interfaces and an interface to the Expat parser...

[SECURITY] Fedora 10 Update: expat-2.0.1-5.fc10.1

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

[SECURITY] Fedora 10 Update: PyXML-0.8.4-12.fc10

An XML package for Python. The distribution contains a validating XML parser, an implementation of the SAX and DOM programming interfaces and an interface to the Expat parser...

tomcat XML parser information disclosure

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the 1 web.xml, 2 context.xml, or 3 tld files of arbitrary web applications via a crafted...

SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 6352)

This update of tomcat fixes several vulnerabilities : - RequestDispatcher usage can lead to information leakage. CVE-2008-5515 - denial of service via AJP connection. CVE-2009-0033 - some authentication classes allow user enumeration. CVE-2009-0580 - XSS bug in example application cal2.jsp...

SuSE 10 Security Update : libapr-util1 (ZYPP Patch Number 6289)

This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR WebDAV for example CVE-2009-1955. Additionally a one byte buffer overflow in function aprbrigadevprintf CVE-2009-1956 and buffer underflow...

neon security update

CentOS Errata and Security Advisory CESA-2009:1452 Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client...

RHEL 4 / 5 : neon (RHSA-2009:1452)

Updated neon packages that fix two security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. neon is an HTTP and WebDAV client library, with a C interface. It provides a high-level...

Fixed in Apache Tomcat 5.5.28

Important: Information Disclosure CVE-2008-5515 When using a RequestDispatcher obtained from the Request, the target path was normalised before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be...

Mandrake Security Advisory MDVSA-2009:215 (audacity)

The remote host is missing an update to audacity announced via advisory MDVSA-2009:215. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

[SECURITY] Fedora 11 Update: xerces-c-2.8.0-5.fc11

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...

[SECURITY] Fedora 11 Update: xerces-c27-2.7.0-8.fc11

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...