Synopsis: Important: tomcat security and bug fix update
Advisory ID: SLSA-2020:4004-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-17563
CVE-2020-13935
--
Security Fix(es):
* tomcat: multiple requests with invalid payload length in a WebSocket
frame could lead to DoS (CVE-2020-13935)
* tomcat: session fixation when using FORM authentication (CVE-2019-17563)
--
SL7
x86_64
tomcat-webapps-7.0.76-15.el7.noarch.rpm
tomcat-7.0.76-15.el7.noarch.rpm
tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm
tomcat-lib-7.0.76-15.el7.noarch.rpm
tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm
tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm
noarch
tomcat-servlet-3.0-api-7.0.76-15.el7.noarch.rpm
tomcat-7.0.76-15.el7.noarch.rpm
tomcat-admin-webapps-7.0.76-15.el7.noarch.rpm
tomcat-docs-webapp-7.0.76-15.el7.noarch.rpm
tomcat-el-2.2-api-7.0.76-15.el7.noarch.rpm
tomcat-javadoc-7.0.76-15.el7.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-15.el7.noarch.rpm
tomcat-jsvc-7.0.76-15.el7.noarch.rpm
tomcat-lib-7.0.76-15.el7.noarch.rpm
tomcat-webapps-7.0.76-15.el7.noarch.rpm
- Scientific Linux Development Team
|