Bugs fixes in "tomcat7"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2016-6794 | Apache Tomcat System Property Disclosure | 2018-10-24 |
| CVE | CVE-2016-5018 | Apache Tomcat Security Manager Bypass | 2018-10-24 |
| CVE | CVE-2016-1240 | The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and | 2018-10-24 |
| CVE | CVE-2016-0762 | Apache Tomcat Realm Timing Attack | 2018-10-24 |
| CVE | CVE-2018-11784 | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 2018-10-10 |
| CVE | CVE-2018-11784 | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 2018-10-10 |
| CVE | CVE-2018-11784 | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 2018-10-10 |
| CVE | CVE-2018-11784 | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. | 2018-10-10 |
| CVE | CVE-2018-8034 | host name verification missing in WebSocket client | 2018-07-25 |
| CVE | CVE-2018-1336 | A bug in the UTF-8 decoder can lead to DoS | 2018-07-25 |
| CVE | CVE-2018-8034 | host name verification missing in WebSocket client | 2018-07-25 |
| CVE | CVE-2018-1336 | A bug in the UTF-8 decoder can lead to DoS | 2018-07-25 |
| CVE | CVE-2018-8034 | host name verification missing in WebSocket client | 2018-07-25 |
| CVE | CVE-2018-1336 | A bug in the UTF-8 decoder can lead to DoS | 2018-07-25 |
| CVE | CVE-2018-8034 | host name verification missing in WebSocket client | 2018-07-25 |
| CVE | CVE-2018-1336 | A bug in the UTF-8 decoder can lead to DoS | 2018-07-25 |
| CVE | CVE-2018-8014 | The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are ins | 2018-05-30 |
| CVE | CVE-2018-1305 | Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 | 2018-05-30 |
| CVE | CVE-2018-1304 | The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 t | 2018-05-30 |
| CVE | CVE-2017-12617 | When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via sett | 2018-05-30 |
About
-
Send Feedback to @ubuntu_updates
