Date: Fri, 28 Apr 2006 15:29:03 GMT From: Yann Golanski <yg2@york.ac.uk> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/96468: Jakarta Tomcat 5 is not up to date. Message-ID: <200604281529.k3SFT31f047409@www.freebsd.org> Resent-Message-ID: <200604281530.k3SFUJ8K057072@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 96468 >Category: ports >Synopsis: Jakarta Tomcat 5 is not up to date. >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Apr 28 15:30:18 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Yann Golanski >Release: 5.3 >Organization: UNiversity of York >Environment: FreeBSD mantis.york.ac.uk 5.3-STABLE FreeBSD 5.3-STABLE #1: Sat Apr 16 11:39:59 BST 2005 root@mantis.york.ac.uk:/usr/obj/usr/src/sys/GENERIC i386 >Description: Jakarta Tomcat version 5 has a security issue that is fixed in newer version. Updating the version of the port should fix it. >How-To-Repeat: # cd www/jakarta-tomcat5/ # make ===> jakarta-tomcat-5.0.30_3 has known vulnerabilities: => tomcat -- Tomcat Manager cross-site scripting. Reference: <http://www.FreeBSD.org/ports/portaudit/26a08c77-32da-4dd7-a884-a76fc49aa824.html>; => Please update your ports tree and try again. *** Error code 1 Stop in /usr/ports/www/jakarta-tomcat5. >Fix: Update Jakarta to latest release version. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200604281529.k3SFT31f047409>