ELSA-2020-4004

ULN >
Oracle Linux Errata repository >
ELSA-2020-4004

ELSA-2020-4004 - tomcat security and bug fix update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2020-10-06

Description

[0:7.0.76-15]
- Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

[0:7.0.76-14]
- Revert rhbz#1814315 because it caused other issues with ipa-server, see rhbz#1831127
- Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence

[0:7.0.76-13]
- Revert rhbz#1367492 because it caused issues with ipa-server, see rhbz#1831127

Related CVEs

CVE-2020-13935

CVE-2019-17563

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	tomcat-7.0.76-15.el7.src.rpm	b23dec5cd5f66ab5825a3543ffa138ee	ELSA-2020-5020
	tomcat-7.0.76-15.el7.noarch.rpm	c24435fed19fb5c24b069fa6c5644b5d	ELSA-2020-5020
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	4905e5772a5454d564bec7bf7e7713e8	ELSA-2020-5020
	tomcat-docs-webapp-7.0.76-15.el7.noarch.rpm	448a29bdc754646201356ca4d8045f84	ELSA-2020-5020
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	8003b70cf72a47fd570e17bca69914ee	ELSA-2020-5020
	tomcat-javadoc-7.0.76-15.el7.noarch.rpm	5dc93ff819da3f85d46a167a71c94264	ELSA-2020-5020
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	fb80a110f36b3547075f56720d20e37c	ELSA-2020-5020
	tomcat-jsvc-7.0.76-15.el7.noarch.rpm	d81d42aff8e0bcc37595707ee2027c49	ELSA-2020-5020
	tomcat-lib-7.0.76-15.el7.noarch.rpm	5ec279c3e776582f7121d2fb3e0ccdcc	ELSA-2020-5020
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	6ec975c8dad3d096d054a85d8da0ac1d	ELSA-2020-5020
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	2a5f4b37c76479219c28c4edc563ca37	ELSA-2020-5020

Oracle Linux 7 (x86_64)	tomcat-7.0.76-15.el7.src.rpm	b23dec5cd5f66ab5825a3543ffa138ee	ELSA-2020-5020
	tomcat-7.0.76-15.el7.noarch.rpm	c24435fed19fb5c24b069fa6c5644b5d	ELSA-2020-5020
	tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm	4905e5772a5454d564bec7bf7e7713e8	ELSA-2020-5020
	tomcat-docs-webapp-7.0.76-15.el7.noarch.rpm	448a29bdc754646201356ca4d8045f84	ELSA-2020-5020
	tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm	8003b70cf72a47fd570e17bca69914ee	ELSA-2020-5020
	tomcat-javadoc-7.0.76-15.el7.noarch.rpm	5dc93ff819da3f85d46a167a71c94264	ELSA-2020-5020
	tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm	fb80a110f36b3547075f56720d20e37c	ELSA-2020-5020
	tomcat-jsvc-7.0.76-15.el7.noarch.rpm	d81d42aff8e0bcc37595707ee2027c49	ELSA-2020-5020
	tomcat-lib-7.0.76-15.el7.noarch.rpm	5ec279c3e776582f7121d2fb3e0ccdcc	ELSA-2020-5020
	tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm	6ec975c8dad3d096d054a85d8da0ac1d	ELSA-2020-5020
	tomcat-webapps-7.0.76-15.el7.noarch.rpm	2a5f4b37c76479219c28c4edc563ca37	ELSA-2020-5020

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691