ELSA-2020-4004

ULN >
Oracle Linux Errata repository >
ELSA-2020-4004

ELSA-2020-4004 - tomcat security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-10-06

Description

[0:7.0.76-15]
- Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

[0:7.0.76-14]
- Revert rhbz#1814315 because it caused other issues with ipa-server, see rhbz#1831127
- Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence

[0:7.0.76-13]
- Revert rhbz#1367492 because it caused issues with ipa-server, see rhbz#1831127

Related CVEs

CVE-2019-17563

CVE-2020-13935

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_aarch64_optional_latest
	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-7.0.76-15.el7.noarch.rpm	8728b86848ff4da9739e0459d041715be9dcc0052befc1a33c110e4fd339d7df	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-7.0.76-15.el7.noarch.rpm	8728b86848ff4da9739e0459d041715be9dcc0052befc1a33c110e4fd339d7df	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	177fb2ff664cf1a2354f265ed33b0a734f087a53c75d526f0a1e103649a47114	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	177fb2ff664cf1a2354f265ed33b0a734f087a53c75d526f0a1e103649a47114	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-docs-webapp-7.0.76-15.el7.noarch.rpm	03438b69824bba3d26a6f72fd5b4bb4c3188664dbbf6272bd573f33d2f65ae05	ELSA-2020-5020	ol7_aarch64_optional_latest
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	b6db1671895fafaca478a95815f396c973c96e504d4cc19395504c2fcf9a5695	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	b6db1671895fafaca478a95815f396c973c96e504d4cc19395504c2fcf9a5695	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-javadoc-7.0.76-15.el7.noarch.rpm	62e35b3a66fac3a231d42367d8eb5cbbdd3cf558eef558afeb210e6af2b72b0d	ELSA-2020-5020	ol7_aarch64_optional_latest
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	24422e646b115da933e9b4d75f13bc1d4812c5fc817e8a3609e00d119f09c9c1	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	24422e646b115da933e9b4d75f13bc1d4812c5fc817e8a3609e00d119f09c9c1	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-jsvc-7.0.76-15.el7.noarch.rpm	467473c3edbda477472de9e44c7b7004d3b3ec2052a4e6a63e81ef7f2cc67159	ELSA-2020-5020	ol7_aarch64_optional_latest
	tomcat-lib-7.0.76-15.el7.noarch.rpm	af75ba6493f883cba6f3283cd860ee7f0540adcaf6e4482d41e682af110bf786	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-lib-7.0.76-15.el7.noarch.rpm	af75ba6493f883cba6f3283cd860ee7f0540adcaf6e4482d41e682af110bf786	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	2b52b12526fe73b3ed0dcefa05e1ea9cca4522b283ce3c19356e2521c92da38f	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	2b52b12526fe73b3ed0dcefa05e1ea9cca4522b283ce3c19356e2521c92da38f	ELSA-2020-5020	ol7_aarch64_u9_base
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	3ba5d47b8edb5f92d60183927b06fa46b3e4a9ef61a935c4d4a29c3fbeef1b84	ELSA-2020-5020	ol7_aarch64_latest
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	3ba5d47b8edb5f92d60183927b06fa46b3e4a9ef61a935c4d4a29c3fbeef1b84	ELSA-2020-5020	ol7_aarch64_u9_base

Oracle Linux 7 (x86_64)	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_x86_64_optional_latest
	tomcat-7.0.76-15.el7.src.rpm	300362a5821bf4b85a0eb225206d5a63e61cd492332e1cec0ad1874a29a2b077	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-7.0.76-15.el7.noarch.rpm	8728b86848ff4da9739e0459d041715be9dcc0052befc1a33c110e4fd339d7df	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-7.0.76-15.el7.noarch.rpm	8728b86848ff4da9739e0459d041715be9dcc0052befc1a33c110e4fd339d7df	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	177fb2ff664cf1a2354f265ed33b0a734f087a53c75d526f0a1e103649a47114	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	177fb2ff664cf1a2354f265ed33b0a734f087a53c75d526f0a1e103649a47114	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-docs-webapp-7.0.76-15.el7.noarch.rpm	03438b69824bba3d26a6f72fd5b4bb4c3188664dbbf6272bd573f33d2f65ae05	ELSA-2020-5020	ol7_x86_64_optional_latest
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	b6db1671895fafaca478a95815f396c973c96e504d4cc19395504c2fcf9a5695	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	b6db1671895fafaca478a95815f396c973c96e504d4cc19395504c2fcf9a5695	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-javadoc-7.0.76-15.el7.noarch.rpm	62e35b3a66fac3a231d42367d8eb5cbbdd3cf558eef558afeb210e6af2b72b0d	ELSA-2020-5020	ol7_x86_64_optional_latest
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	24422e646b115da933e9b4d75f13bc1d4812c5fc817e8a3609e00d119f09c9c1	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	24422e646b115da933e9b4d75f13bc1d4812c5fc817e8a3609e00d119f09c9c1	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-jsvc-7.0.76-15.el7.noarch.rpm	467473c3edbda477472de9e44c7b7004d3b3ec2052a4e6a63e81ef7f2cc67159	ELSA-2020-5020	ol7_x86_64_optional_latest
	tomcat-lib-7.0.76-15.el7.noarch.rpm	af75ba6493f883cba6f3283cd860ee7f0540adcaf6e4482d41e682af110bf786	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-lib-7.0.76-15.el7.noarch.rpm	af75ba6493f883cba6f3283cd860ee7f0540adcaf6e4482d41e682af110bf786	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	2b52b12526fe73b3ed0dcefa05e1ea9cca4522b283ce3c19356e2521c92da38f	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	2b52b12526fe73b3ed0dcefa05e1ea9cca4522b283ce3c19356e2521c92da38f	ELSA-2020-5020	ol7_x86_64_u9_base
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	3ba5d47b8edb5f92d60183927b06fa46b3e4a9ef61a935c4d4a29c3fbeef1b84	ELSA-2020-5020	ol7_x86_64_latest
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	3ba5d47b8edb5f92d60183927b06fa46b3e4a9ef61a935c4d4a29c3fbeef1b84	ELSA-2020-5020	ol7_x86_64_u9_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691