Bugs fixes in "tomcat6"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2016-0706 | Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManag | 2018-10-17 |
| CVE | CVE-2015-5351 | The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions a | 2018-10-17 |
| CVE | CVE-2015-5345 | The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before con | 2018-10-17 |
| CVE | CVE-2015-5174 | Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote auth | 2018-10-17 |
| CVE | CVE-2014-7810 | The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider t | 2018-10-17 |
| CVE | CVE-2014-0230 | Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishin | 2018-10-17 |
| CVE | CVE-2014-0227 | java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not pr | 2018-10-17 |
| CVE | CVE-2014-0119 | Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used w | 2018-10-17 |
| CVE | CVE-2014-0099 | Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in ... | 2018-10-17 |
| CVE | CVE-2014-0096 | java/org/apache/catalina/servlets/DefaultServlet.java in the default ... | 2018-10-17 |
| CVE | CVE-2014-0075 | Integer overflow in the parseChunkHeader function in ... | 2018-10-17 |
| CVE | CVE-2016-1240 | The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and | 2018-10-17 |
| CVE | CVE-2016-0763 | The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x befo | 2018-10-17 |
| CVE | CVE-2016-0762 | Apache Tomcat Realm Timing Attack | 2018-10-17 |
| CVE | CVE-2016-0714 | The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles s | 2018-10-17 |
| CVE | CVE-2016-0706 | Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManag | 2018-10-17 |
| CVE | CVE-2015-5351 | The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions a | 2018-10-17 |
| CVE | CVE-2015-5345 | The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before con | 2018-10-17 |
| CVE | CVE-2015-5174 | Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote auth | 2018-10-17 |
| CVE | CVE-2014-7810 | The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider t | 2018-10-17 |
About
-
Send Feedback to @ubuntu_updates
