SCIENTIFIC-LINUX-ERRATA Archives

October 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Connie Sieh
Date: Tue, 11 Oct 2016 20:53:59 -0000
Content-Type: text/plain
Synopsis:          Important: tomcat security update
Advisory ID:       SLSA-2016:2046-1
Issue Date:        2016-10-10
CVE Numbers:       CVE-2014-7810
                   CVE-2015-5346
                   CVE-2016-5388
                   CVE-2016-5425
                   CVE-2016-6325
--

Security Fix(es):

* It was discovered that the Tomcat packages installed the configuration file
/usr/lib/tmpfiles.d/tomcat.conf as writeable by the tomcat group. A member of
the group or a malicious web application deployed on Tomcat could use this
flaw to escalate their privileges. (CVE-2016-5425)

* It was discovered that the Tomcat packages installed certain
configuration files read by the Tomcat initialization script as writeable
to the tomcat group. A member of the group or a malicious web application
deployed on Tomcat could use this flaw to escalate their privileges.
(CVE-2016-6325)

* It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)

* It was discovered that Tomcat used the value of the Proxy header from
HTTP requests to initialize the HTTP_PROXY environment variable for CGI
scripts, which in turn was incorrectly used by certain HTTP client
implementations to configure the proxy for outgoing HTTP requests. A
remote attacker could possibly use this flaw to redirect HTTP requests
performed by a CGI script to an attacker-controlled proxy via a malicious
HTTP request. (CVE-2016-5388)

* A session fixation flaw was found in the way Tomcat recycled the
requestedSessionSSL field. If at least one web application was configured
to use the SSL session ID as the HTTP session ID, an attacker could reuse
a previously used session ID for further requests. (CVE-2015-5346)
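The two permission flaws above (CVE-2016-5425 and CVE-2016-6325) share one root cause: a file that root-run code consumes (systemd-tmpfiles, the init script) was writable by the unprivileged tomcat group. The following shell script is an added example, not part of the advisory, that audits such files for group- or world-writable bits. Only /usr/lib/tmpfiles.d/tomcat.conf is named by the advisory; /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf are assumed, typical EL7 locations read by the init script.

```shell
#!/bin/sh
# Added example (not from the advisory): audit files that root-run code reads
# (systemd-tmpfiles configs, init-script environment files) for group/world
# write permission, the condition behind CVE-2016-5425 / CVE-2016-6325.

# check_root_read_file FILE
# Returns 0 if FILE exists and is neither group- nor world-writable,
#         1 if FILE is writable by group or others (unsafe),
#         2 if FILE does not exist.
check_root_read_file() {
    f=$1
    [ -e "$f" ] || return 2
    # find prints the path only when the mode includes g+w or o+w;
    # -maxdepth 0 keeps it from descending if FILE happens to be a directory.
    if [ -n "$(find "$f" -maxdepth 0 \( -perm -g+w -o -perm -o+w \) -print)" ]; then
        return 1
    fi
    return 0
}

# audit_tomcat_root_files FILE...
# Prints one status line per file; returns 1 if any file is unsafe, else 0.
audit_tomcat_root_files() {
    rc=0
    for f in "$@"; do
        check_root_read_file "$f"
        case $? in
            0) echo "ok      $f" ;;
            1) echo "UNSAFE  $f is group- or world-writable"; rc=1 ;;
            2) echo "missing $f" ;;
        esac
    done
    return $rc
}

# Default set: the file named in CVE-2016-5425 plus two assumed, typical
# EL7 paths that the Tomcat init script sources as root.
audit_tomcat_root_files \
    /usr/lib/tmpfiles.d/tomcat.conf \
    /etc/sysconfig/tomcat \
    /etc/tomcat/tomcat.conf
```

Run it as any user on an SL7 host; an UNSAFE line on a tmpfiles.d or sysconfig entry means the fixed packages have not been applied or a local change reintroduced the weak mode. The script checks permission bits only; ownership by root is a separate expectation worth confirming with ls -l.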
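CVE-2016-5388 arises from the CGI convention that maps every request header to an HTTP_ environment variable, so a client-supplied "Proxy" header becomes HTTP_PROXY, which some HTTP client libraries honour as a proxy setting. The shell functions below are an added example, not code from Tomcat or the advisory: they reproduce the header-to-variable mapping and show the mitigation of refusing to export that one variable. The header lines are constructed sample input.

```shell
#!/bin/sh
# Added example (not from the advisory): how a CGI gateway derives HTTP_*
# environment variables from request headers, and why "Proxy" must be dropped
# (CVE-2016-5388). Header input below is constructed for illustration.

# cgi_env_name HEADER-NAME
# RFC 3875 mapping: prefix HTTP_, uppercase, and turn '-' into '_'.
cgi_env_name() {
    printf 'HTTP_%s\n' "$1" | tr 'a-z-' 'A-Z_'
}

# cgi_env_from_headers
# Reads "Name: value" lines on stdin and emits NAME=value assignments a CGI
# gateway would place in the script's environment, except that any header
# mapping to HTTP_PROXY is discarded so a client cannot set the proxy.
cgi_env_from_headers() {
    while IFS= read -r line; do
        name=${line%%:*}
        value=${line#*:}
        value=${value# }
        env_name=$(cgi_env_name "$name")
        case $env_name in
            HTTP_PROXY) continue ;;   # mitigation: never export Proxy
        esac
        printf '%s=%s\n' "$env_name" "$value"
    done
}

# Demonstration on constructed headers; the Proxy line is silently dropped.
printf 'Host: example.test\nProxy: http://proxy.example:8080\nUser-Agent: curl/7.29.0\n' \
    | cgi_env_from_headers
```

The same drop is what the fixed packages implement inside Tomcat's CGI servlet; at the network edge, a reverse proxy that strips the Proxy header before forwarding gives defence in depth for any CGI gateway behind it.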
--

SL7
  noarch
    tomcat-servlet-3.0-api-7.0.54-8.el7_2.noarch.rpm
    tomcat-7.0.54-8.el7_2.noarch.rpm
    tomcat-admin-webapps-7.0.54-8.el7_2.noarch.rpm
    tomcat-docs-webapp-7.0.54-8.el7_2.noarch.rpm
    tomcat-el-2.2-api-7.0.54-8.el7_2.noarch.rpm
    tomcat-javadoc-7.0.54-8.el7_2.noarch.rpm
    tomcat-jsp-2.2-api-7.0.54-8.el7_2.noarch.rpm
    tomcat-jsvc-7.0.54-8.el7_2.noarch.rpm
    tomcat-lib-7.0.54-8.el7_2.noarch.rpm
    tomcat-webapps-7.0.54-8.el7_2.noarch.rpm

- Scientific Linux Development Team
