RHSA-2009%3A1454
Updated tomcat5 packages that fix several security issues are now available for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 23 September 2009] This erratum has been updated to include replacement packages for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 4. The original packages did not contain a fix for the low security impact issue CVE-2009-0783. The packages for JBoss Enterprise Web Server 1.0.0 for Red Hat Enterprise Linux 5 are unchanged as they included the fix for CVE-2009-0783.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat JBoss Web Server 1.0 for RHEL 4 AS | ||
| Red Hat JBoss Web Server 1.0 for RHEL 4 ES | ||
| Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server | ||
| tomcat5 |
Timeline
- Sep 21, 2009 CVE Published
- Nov 21, 2025 CVE Updated
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Distribution Patch
- Apr 16, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- http://tomcat.apache.org/security-5.html url
- https://access.redhat.com/errata/RHSA-2009:1454 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://bugzilla.redhat.com/show_bug.cgi?id=427766 url
- https://bugzilla.redhat.com/show_bug.cgi?id=493381 url
- https://bugzilla.redhat.com/show_bug.cgi?id=503978 url
- https://bugzilla.redhat.com/show_bug.cgi?id=504153 url
- https://bugzilla.redhat.com/show_bug.cgi?id=504753 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1454.json advisory