Stay Connected:

ELSA-2017-1809

ELSA-2017-1809 - tomcat security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2017-07-27

Description


[0:7.0.69-12]
- Resolves: rhbz#1441487 CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object
- Resolves: rhbz#1441480 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used
- Resolves: rhbz#1459746 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism


Related CVEs


CVE-2017-5648
CVE-2017-5664

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) tomcat-7.0.69-12.el7_3.src.rpm3d1a9afc892dfa7a8e0d9306143a4d7cELSA-2020-5020
tomcat-7.0.69-12.el7_3.noarch.rpm482bb7b49f10015116a05e6ab17c4facELSA-2020-5020
tomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm830e6ccc1bb3ac1c41d28a7e937d291fELSA-2020-5020
tomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpmebfa4827ac32f69765804646ccb3e6aeELSA-2020-5020
tomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm8e139510a9086d620c24b3f2e32ccf68ELSA-2020-5020
tomcat-javadoc-7.0.69-12.el7_3.noarch.rpmac7ecf79d112f7f51e3aa2c7e59ae638ELSA-2020-5020
tomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpmc16aa091dac4dbb1bd00920dd68cb281ELSA-2020-5020
tomcat-jsvc-7.0.69-12.el7_3.noarch.rpmdc2d6164fb5d47baa52e200ab42d1699ELSA-2020-5020
tomcat-lib-7.0.69-12.el7_3.noarch.rpm9d2b284c673ed346484dde83a028d8c1ELSA-2020-5020
tomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpmdd6b243b43393763fc1509cbb5fb9fd3ELSA-2020-5020
tomcat-webapps-7.0.69-12.el7_3.noarch.rpm978aa84446ee1b2cb4e11c6775e2db0eELSA-2020-5020



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights