« Return to Thread: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

by Christian d'Heureuse :: Rate this Message:

> AccessControlException: access denied ... logging.properties read

This is a consequence of the patch of /etc/tomcat5.5/policy.d/
03catalina.policy for CVE-2007-5342 (http://cve.mitre.org/cgi-bin/
cvename.cgi?name=CVE-2007-5342).

One possible solution is to undo the patch by adding "permission
java.security.AllPermission;" to the permissions of "tomcat-juli.jar"
in 03catalina.policy.

--
To UNSUBSCRIBE, email to debian-security-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

« Return to Thread: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities