-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:177 http://www.mandriva.com/security/ _______________________________________________________________________ Package : tomcat5 Date : September 12, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in tomcat5: Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693). The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests (CVE-2009-2901). Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename (CVE-2009-2902). Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply (CVE-2010-1157). Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with recycling of a buffer. (CVE-2010-2227) Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 8acf9b19d3bc7c3fff0b344de86c70f3 2009.0/i586/tomcat5-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 24cd8e1808ad3ceaf075106caf92aa23 2009.0/i586/tomcat5-admin-webapps-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 84d6a9ed877513fa6fc6813787e39f49 2009.0/i586/tomcat5-common-lib-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 62605d3205dbaf3ce9efd4bb321bf86c 2009.0/i586/tomcat5-jasper-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 8ada34b16dc8de342c481f2eec40657b 2009.0/i586/tomcat5-jasper-eclipse-5.5.27-0.3.0.3mdv2009.0.noarch.rpm a7bdbae6423d80ae6a9e101cca23c889 2009.0/i586/tomcat5-jasper-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 492af8da06f499e5fe42dc183aaa56d5 2009.0/i586/tomcat5-jsp-2.0-api-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 7374f75867673fe9278f7ba0a0d036e1 2009.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm b69b5652acd6b08131b6379f7e550228 2009.0/i586/tomcat5-server-lib-5.5.27-0.3.0.3mdv2009.0.noarch.rpm ba6fd8a8011e1e7a5f3956394a14a9c0 2009.0/i586/tomcat5-servlet-2.4-api-5.5.27-0.3.0.3mdv2009.0.noarch.rpm f361e696268e1740d5b31d2a4348e1ae 2009.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 5e9861d7e4e517eed0aaae9f59cb47c9 2009.0/i586/tomcat5-webapps-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 156b19d5bd8d819ca1c01f39fbe36000 2009.0/SRPMS/tomcat5-5.5.27-0.3.0.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: e9c7d3b25f18c867196c5f263f47736d 2009.0/x86_64/tomcat5-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 1871956b860b5532f551359880642722 2009.0/x86_64/tomcat5-admin-webapps-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 3887ce7464f594812d488362eaaecfe6 2009.0/x86_64/tomcat5-common-lib-5.5.27-0.3.0.3mdv2009.0.noarch.rpm b7782864a91888953860fd68bc717659 2009.0/x86_64/tomcat5-jasper-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 7e9dc27c11d87c7e4aeb99f12110f727 2009.0/x86_64/tomcat5-jasper-eclipse-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 998d11649d71b85d888cbe989bf1290c 2009.0/x86_64/tomcat5-jasper-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm e5f838cbc7ab76840fa89827283aded4 2009.0/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 2312d244f53c71c5bc8ac7b48d6488a6 2009.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm e2cff3b151c6b924b350fec37c8621ab 2009.0/x86_64/tomcat5-server-lib-5.5.27-0.3.0.3mdv2009.0.noarch.rpm b73104f8db832caa0efd5868129dc6a3 2009.0/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.3.0.3mdv2009.0.noarch.rpm b46caa6bb5020b496a2d9b13b2228e11 2009.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.3mdv2009.0.noarch.rpm baea2f989d9bcb9312b4fec1e8bd53c4 2009.0/x86_64/tomcat5-webapps-5.5.27-0.3.0.3mdv2009.0.noarch.rpm 156b19d5bd8d819ca1c01f39fbe36000 2009.0/SRPMS/tomcat5-5.5.27-0.3.0.3mdv2009.0.src.rpm Mandriva Linux 2009.1: cab52c9aa3fb6064f1483587d7c48418 2009.1/i586/tomcat5-5.5.27-0.3.0.2mdv2009.1.noarch.rpm fad046cd891dbc342ec6263f6d51e99f 2009.1/i586/tomcat5-admin-webapps-5.5.27-0.3.0.2mdv2009.1.noarch.rpm c6a921896d29b91a6778462b5af71919 2009.1/i586/tomcat5-common-lib-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 7e8b7ca4ac45d58e6ba9355c13d0c709 2009.1/i586/tomcat5-jasper-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 51436f4131d7def6565439776eac7d34 2009.1/i586/tomcat5-jasper-eclipse-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 66f477706edc3fddb0961df0fc3c36ee 2009.1/i586/tomcat5-jasper-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm d46b8bfcbbdf8f65d386e1c613cd31c1 2009.1/i586/tomcat5-jsp-2.0-api-5.5.27-0.3.0.2mdv2009.1.noarch.rpm a5c5a209b03aa3cd4a8732c488955a99 2009.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 9d21201a0a6fc4536f30dc97b0b6ad33 2009.1/i586/tomcat5-server-lib-5.5.27-0.3.0.2mdv2009.1.noarch.rpm e445e97389e92ee8662aa8d12c5fc3ee 2009.1/i586/tomcat5-servlet-2.4-api-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 8df903387044e831a7e16c2e6269cd7c 2009.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 0c130f82ea521511e011d217938668af 2009.1/i586/tomcat5-webapps-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 5601f7824b6b6ca0a2a88d27c9007f42 2009.1/SRPMS/tomcat5-5.5.27-0.3.0.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: aa3c3c356fdf152315e5d808fc911289 2009.1/x86_64/tomcat5-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 544496fb6696a6603e42b9d5ab7ff7de 2009.1/x86_64/tomcat5-admin-webapps-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 6194b3f0a451e1b3a8f0d26152d01140 2009.1/x86_64/tomcat5-common-lib-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 309d4faba3b67ada5ebca031a6783645 2009.1/x86_64/tomcat5-jasper-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 10d9c7c31f3f79db7f6f2960317cd79d 2009.1/x86_64/tomcat5-jasper-eclipse-5.5.27-0.3.0.2mdv2009.1.noarch.rpm dea0cc9ba9af60fadfa1017f42251ab8 2009.1/x86_64/tomcat5-jasper-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 4766a1e651303240a31f149a5a1f88b4 2009.1/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.3.0.2mdv2009.1.noarch.rpm ac887fbf740bbd7b2328249a36174c39 2009.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 25bdcbbabd4d73fea96068142bdcacb2 2009.1/x86_64/tomcat5-server-lib-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 986fe53800003dda2e63432ebabc1554 2009.1/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 4d388fac7256f824ccef93c6a9899490 2009.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.2mdv2009.1.noarch.rpm e7baa692c1128ec736d3ed43c1e44ea9 2009.1/x86_64/tomcat5-webapps-5.5.27-0.3.0.2mdv2009.1.noarch.rpm 5601f7824b6b6ca0a2a88d27c9007f42 2009.1/SRPMS/tomcat5-5.5.27-0.3.0.2mdv2009.1.src.rpm Mandriva Linux 2010.0: e7551ddca72ad30c7360c526419c0611 2010.0/i586/tomcat5-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 80b96e914846f0bcedd2068a3d07425a 2010.0/i586/tomcat5-admin-webapps-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 236520aa0b3ca0a6a79b149043eb7835 2010.0/i586/tomcat5-common-lib-5.5.27-0.5.0.1mdv2010.0.noarch.rpm eb5d7e353d8f509a795ebaa7e3f48e24 2010.0/i586/tomcat5-jasper-5.5.27-0.5.0.1mdv2010.0.noarch.rpm f06526b1eaf3f2c3de5df6ab63248b37 2010.0/i586/tomcat5-jasper-eclipse-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 65893ca00403c565b7382a3796cf9366 2010.0/i586/tomcat5-jasper-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 61ddfddea5a1a905e299d74001589cf5 2010.0/i586/tomcat5-jsp-2.0-api-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 4a8956510f5b05123b8a6896aab69a4b 2010.0/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 0119adf62661d843d24365d8c9824e3a 2010.0/i586/tomcat5-server-lib-5.5.27-0.5.0.1mdv2010.0.noarch.rpm dc3a282347abd7e55cfd0faf2ec07d89 2010.0/i586/tomcat5-servlet-2.4-api-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 66f7c0b918f2c9c006ef81e38b5e6adc 2010.0/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 21f5a380760aa2e4afd93e79897dcafb 2010.0/i586/tomcat5-webapps-5.5.27-0.5.0.1mdv2010.0.noarch.rpm ccb9de1fbf5b83fa31980554eccc120f 2010.0/SRPMS/tomcat5-5.5.27-0.5.0.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: d664668674cb3d43ea82e88073da0301 2010.0/x86_64/tomcat5-5.5.27-0.5.0.1mdv2010.0.noarch.rpm a57d959e26dca1160fa3ebe49ea8ca8a 2010.0/x86_64/tomcat5-admin-webapps-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 2cbce722a9818153f481dff3c9de8859 2010.0/x86_64/tomcat5-common-lib-5.5.27-0.5.0.1mdv2010.0.noarch.rpm c83007e67653b23f949905938fda231d 2010.0/x86_64/tomcat5-jasper-5.5.27-0.5.0.1mdv2010.0.noarch.rpm cb43268e3b165306312ef9fab2b8bbd6 2010.0/x86_64/tomcat5-jasper-eclipse-5.5.27-0.5.0.1mdv2010.0.noarch.rpm be9e3bf0fe8aa457c11dfc3fe0683833 2010.0/x86_64/tomcat5-jasper-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm c6466977f414c106450a2d3d77eb78fe 2010.0/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 2709272d4e3c41086d4a3f44b6f1f26a 2010.0/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm ec79ddd1964a360bfeab44ffbce86945 2010.0/x86_64/tomcat5-server-lib-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 0d1a7269155ada01b4ea90aec242af7d 2010.0/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 36397245b5677e0459ff2d520e298ab9 2010.0/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.5.0.1mdv2010.0.noarch.rpm 487bfd5d2efec818b8805cc284c10e96 2010.0/x86_64/tomcat5-webapps-5.5.27-0.5.0.1mdv2010.0.noarch.rpm ccb9de1fbf5b83fa31980554eccc120f 2010.0/SRPMS/tomcat5-5.5.27-0.5.0.1mdv2010.0.src.rpm Mandriva Linux 2010.1: 88027fa3f802283a4ef7353c228f3397 2010.1/i586/tomcat5-5.5.28-0.5.0.1mdv2010.1.noarch.rpm cf4f8619f5cd5cabb592ae9347efe0cd 2010.1/i586/tomcat5-admin-webapps-5.5.28-0.5.0.1mdv2010.1.noarch.rpm a2581abf6887597640630e2562e212ca 2010.1/i586/tomcat5-common-lib-5.5.28-0.5.0.1mdv2010.1.noarch.rpm aa4ff880cb8875712d5b76059cfc5e8f 2010.1/i586/tomcat5-jasper-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 1ff86a89656640b7fb2e20c5d1a8fcdb 2010.1/i586/tomcat5-jasper-eclipse-5.5.28-0.5.0.1mdv2010.1.noarch.rpm c757c665394b2b8a770c1b989e2cb2ec 2010.1/i586/tomcat5-jasper-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm be9c5cd9fb2398b014b0eff2c0250032 2010.1/i586/tomcat5-jsp-2.0-api-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 8734f644b4b8ab3199052a7d515061e6 2010.1/i586/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 6d586aa9d9d64ffb076f0c06a5a35e4a 2010.1/i586/tomcat5-server-lib-5.5.28-0.5.0.1mdv2010.1.noarch.rpm a48281f91fc96e266cff4ff2d1b45b4c 2010.1/i586/tomcat5-servlet-2.4-api-5.5.28-0.5.0.1mdv2010.1.noarch.rpm d016eaded2407ec54e452e0c9effbd7a 2010.1/i586/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm cf6316c40ade89b9ae46baa0ce50d9bc 2010.1/i586/tomcat5-webapps-5.5.28-0.5.0.1mdv2010.1.noarch.rpm cf4c2bce29ceca7ee5e7a9bd7b86a7f8 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.1mdv2010.1.src.rpm Mandriva Linux 2010.1/X86_64: 01dc5c70b5af409b53c3f784a9fc78cd 2010.1/x86_64/tomcat5-5.5.28-0.5.0.1mdv2010.1.noarch.rpm b81765c4aa7baafb53f74b90ce4c7a0c 2010.1/x86_64/tomcat5-admin-webapps-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 4a5f251238b8703afea594dd5dd707c6 2010.1/x86_64/tomcat5-common-lib-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 8695a9209d7034d1ee4ea81e737798be 2010.1/x86_64/tomcat5-jasper-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 4644c9a6e207b326ee75a0d82eedb895 2010.1/x86_64/tomcat5-jasper-eclipse-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 979492775ba18d5ff728796a085f0dcf 2010.1/x86_64/tomcat5-jasper-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 519be8ca6c43f6b0ff17b10716d736f7 2010.1/x86_64/tomcat5-jsp-2.0-api-5.5.28-0.5.0.1mdv2010.1.noarch.rpm 2e3a9f7cce6b5db20ba1606dbebcefcc 2010.1/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm ea9b1862cd2762c43e1aacea22dfdb38 2010.1/x86_64/tomcat5-server-lib-5.5.28-0.5.0.1mdv2010.1.noarch.rpm f3f20e37dceebf8bdf6a59c63480637d 2010.1/x86_64/tomcat5-servlet-2.4-api-5.5.28-0.5.0.1mdv2010.1.noarch.rpm ecb9c25231c4b4446440053471987af8 2010.1/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.28-0.5.0.1mdv2010.1.noarch.rpm ac032ec73c6d764a6d457bead0862836 2010.1/x86_64/tomcat5-webapps-5.5.28-0.5.0.1mdv2010.1.noarch.rpm cf4c2bce29ceca7ee5e7a9bd7b86a7f8 2010.1/SRPMS/tomcat5-5.5.28-0.5.0.1mdv2010.1.src.rpm Mandriva Enterprise Server 5: a96ae7f15e748da57f3ff99f8285e6fc mes5/i586/tomcat5-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm fa2339ccc616ced45b70b812a6500f44 mes5/i586/tomcat5-admin-webapps-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm a09eb1dbe0e404a38cb732a786127afa mes5/i586/tomcat5-common-lib-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 39da14c38f620be97316c6a4e085639b mes5/i586/tomcat5-jasper-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm a4b7190f60200d14c972ff338ddd976e mes5/i586/tomcat5-jasper-eclipse-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm ac22c2f581c30922fd161cb561649791 mes5/i586/tomcat5-jasper-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 63344795dd13886729bdde716bd4b15b mes5/i586/tomcat5-jsp-2.0-api-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 3ebdc207aac2b722ed9c49aa08d32546 mes5/i586/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm f904d274e7e99a90c0c008fa937dbae3 mes5/i586/tomcat5-server-lib-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm d294aaba246b2603bd7fd89aeae945c9 mes5/i586/tomcat5-servlet-2.4-api-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm ce1986ad25e282394e6abe54595ea6c3 mes5/i586/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 1a5bef647eb23d83851edf64e8762e4a mes5/i586/tomcat5-webapps-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 08de5348793af543106566dd9915dfa6 mes5/SRPMS/tomcat5-5.5.27-0.3.0.3mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: c7a8f2d62ec6f5f2de0b9de64508a2d2 mes5/x86_64/tomcat5-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 6f5acdfd9428454dd988fa6f29713b7e mes5/x86_64/tomcat5-admin-webapps-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 1ef42c3981198e655ae0a685bda7553a mes5/x86_64/tomcat5-common-lib-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 5da2bd76869df255bce49665800ec393 mes5/x86_64/tomcat5-jasper-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm a7bc04ec3f9d8cfc658c4010141dbbf9 mes5/x86_64/tomcat5-jasper-eclipse-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 47186356dc68c1020237e3fec66312bd mes5/x86_64/tomcat5-jasper-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 308b971e4edc631657c0cc3c06b65ada mes5/x86_64/tomcat5-jsp-2.0-api-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 51b220efca64a4713e1ccaa4ebcfc516 mes5/x86_64/tomcat5-jsp-2.0-api-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm ffb04c9ccac6355a04a57fab5332d449 mes5/x86_64/tomcat5-server-lib-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm f6ae1a2286d675db758ccc0df717dde4 mes5/x86_64/tomcat5-servlet-2.4-api-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm c1ad86e68cb50f64d83abe5f613cafe9 mes5/x86_64/tomcat5-servlet-2.4-api-javadoc-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 3059458abc0bff99f5943fd5bcca83b6 mes5/x86_64/tomcat5-webapps-5.5.27-0.3.0.3mdvmes5.1.noarch.rpm 08de5348793af543106566dd9915dfa6 mes5/SRPMS/tomcat5-5.5.27-0.3.0.3mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMjMgqmqjQ0CJFipgRAirkAJ9ykk/JRPQMMfhbxcFwXAkJD6PvVACg8AD5 mCisR/GL1zCycm43ihRz0Yw= =tzXS -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/