| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <415a28910809170705q68cffe1dv7361e25c921708ee@mail.gmail.com> Date: Wed, 17 Sep 2008 10:05:09 -0400 From: "Nick Owen" <owen.nick@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: WiKID Systems Security Advisory - Updated tomcat packages -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 WiKID Systems Security Advisory Summary ======= The WiKID Strong Authentication server utilizes the Tomcat application server for both the WiKIDAdmin web management interface and for processing one-time passcodes. This release updates Tomcat to 5.5.27 which patches several security vulnerabilities. Affected Products ================= The WiKID Strong Authentication Server - Enterprise Edition The WiKID Strong Authentication Server - Community Edition References ========== http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 Mitigation ========== Commercial users may download the most recent RPMs from the website: http://www.wikidsystems.com/downloads/ Users of the open source community version may download packages from Sourceforge: https://sourceforge.net/project/showfiles.php?group_id=144774 - -- Nick Owen WiKID Systems, Inc. 404-962-8983 (desk) http://www.wikidsystems.com Two-factor authentication, without the hassle factor. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkjQATkACgkQvhL875pdRY1NpwCglMttfAfrn720O7foyT/ih1/l Ss8An0GDsmb2DzLYjer6S9+Qvh0oALiz =mEYx -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists