Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-11569

CLONE - [Security] Multiple Tomcat vulnerabilities

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Resolution: Fixed
    • Affects Version/s: 4.1
    • Fix Version/s: 4.1.9
    • Component/s: Installer
    • Labels:
      None

      Description

      Bug fix for current service pack in test. Requires tomcat 6.0.41.

      There are multiple vulnerabilities in all Tomcat versions up to and including 7.0.52. This includes a serious DoS:
      https://mail-archives.apache.org/mod_mbox/tomcat-announce/201405.mbox/%3C53848918.4090009@apache.org%3E

      and two less serious information leaks:
      https://mail-archives.apache.org/mod_mbox/tomcat-announce/201405.mbox/%3C53848929.4020406@apache.org%3E
      https://mail-archives.apache.org/mod_mbox/tomcat-announce/201405.mbox/%3C53848933.9000200@apache.org%3E

      Solution: Upgrade to 7.0.53

        Attachments

          Structure

            Activity

              People

              • Assignee:
                closedbugs Closed Bugs (Inactive)
                Reporter:
                pphilips Pete Philips [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Structure Helper Panel