Mandriva Linux Security Advisory 2009-138 – Multiple security vulnerabilities have been identified and fixed in tomcat5. These problems range from cross site scripting to directory traversal issues. The updated packages have been patched to prevent this. Additionally, Apache Tomcat has been upgraded to the latest 5.5.27 version for 2009.0.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/78585/MDVSA-2009-138.txt
Source: https://packetstormsecurity.com/files/78585/Mandriva-Linux-Security-Advisory-2009-138.html