Hosting Provided By

Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

From: chdh <chdh(at)inventec.ch>
Date: Sun Jan 13 2008 - 16:10:25 EST

> AccessControlException: access denied ... logging.properties read

This is a consequence of the patch of /etc/tomcat5.5/policy.d/ 03catalina.policy for CVE-2007-5342 (http://cve.mitre.org/cgi-bin/ cvename.cgi?name=CVE-2007-5342).

One possible solution is to undo the patch by adding "permission java.security.AllPermission;" to the permissions of "tomcat-juli.jar" in 03catalina.policy.

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Sun Jan 13 16:36:39 2008

This message: [ Message body ]
Next message: Moritz Muehlenhoff: "Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"
Previous message: Darren Salt: "xine-lib (etch) buffer overflow fix"
In reply to: Nihil: "Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"
Next in thread: Moritz Muehlenhoff: "Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"
Reply: Moritz Muehlenhoff: "Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"
Reply: Nihil: "Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:55:13 EDT