Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
From: Livo <alivingston@bravurasolutions.com>
Date: Wed, 9 Jan 2008 01:36:27 -0800 (PST)
Message-id: <[🔎] 14707946.post@talk.nabble.com>
In-reply-to: <[🔎] 1199652771.5035.14.camel@localhost>
References: <[🔎] 1199525586.8906.7.camel@localhost> <[🔎] 87fxxa4wep.fsf@mid.deneb.enyo.de> <[🔎] 1199652771.5035.14.camel@localhost>

After upgrading to 5.5.25, I also got:
Caused by: java.security.AccessControlException: access denied
(java.io.FilePermission ...webapps/.../WEB-INF/classes/logging.properties
read)

I found that it was because the file didn't exist (5.5.20 worked without
it).

Hope this helps you solve the problem.


ps: I tried creating an empty logging.properties file (not knowing if this
would break logging). It got me further, but I don't think it is the right
thing to do.
-- 
View this message in context: http://www.nabble.com/Re%3A--SECURITY---DSA-1447-1--New-tomcat5.5-packages-fix-several-vulnerabilities-tp14631519p14707946.html
Sent from the Debian Security mailing list archive at Nabble.com.

Reply to:

References:
- Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
  - From: Nihil <nihil@nanihil.com>
- Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
  - From: Nihil <nihil@nanihil.com>

Prev by Date: Re: Advisory description text
Next by Date: SMO Services
Previous by thread: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
Next by thread: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
Index(es):
- Date
- Thread