Synopsis:          Important: tomcat security update
Advisory ID:       SLSA-2017:3081-1
Issue Date:        2017-10-30
CVE Numbers:       CVE-2017-5647
                   CVE-2017-7674
                   CVE-2017-12615
                   CVE-2017-12617
--

Security Fix(es):

* A vulnerability was discovered in Tomcat's handling of pipelined
requests when "Sendfile" was used. If sendfile processing completed
quickly, it was possible for the Processor to be added to the processor
cache twice. This could lead to invalid responses or information
disclosure. (CVE-2017-5647)

* Two vulnerabilities were discovered in Tomcat where if a servlet context
was configured with readonly=false and HTTP PUT requests were allowed, an
attacker could upload a JSP file to that context and achieve code
execution. (CVE-2017-12615, CVE-2017-12617)

* A vulnerability was discovered in Tomcat where the CORS Filter did not
send a "Vary: Origin" HTTP header. This potentially allowed sensitive data
to be leaked to other visitors through both client-side and server-side
caches. (CVE-2017-7674)
--

SL7
  noarch
    tomcat-servlet-3.0-api-7.0.76-3.el7_4.noarch.rpm
    tomcat-7.0.76-3.el7_4.noarch.rpm
    tomcat-admin-webapps-7.0.76-3.el7_4.noarch.rpm
    tomcat-docs-webapp-7.0.76-3.el7_4.noarch.rpm
    tomcat-el-2.2-api-7.0.76-3.el7_4.noarch.rpm
    tomcat-javadoc-7.0.76-3.el7_4.noarch.rpm
    tomcat-jsp-2.2-api-7.0.76-3.el7_4.noarch.rpm
    tomcat-jsvc-7.0.76-3.el7_4.noarch.rpm
    tomcat-lib-7.0.76-3.el7_4.noarch.rpm
    tomcat-webapps-7.0.76-3.el7_4.noarch.rpm

- Scientific Linux Development Team