Bugs fixes in "tomcat8"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2017-5664 | The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occ | 2018-01-09 |
| CVE | CVE-2017-5648 | While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0 | 2018-01-09 |
| CVE | CVE-2017-5647 | A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6. | 2018-01-09 |
| CVE | CVE-2017-7674 | The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header ind | 2018-01-09 |
| CVE | CVE-2017-5664 | The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occ | 2018-01-09 |
| CVE | CVE-2017-5648 | While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0 | 2018-01-09 |
| CVE | CVE-2017-5647 | A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6. | 2018-01-09 |
| CVE | CVE-2016-9775 | tomcat8: privilege escalation during package removal | 2017-01-23 |
| CVE | CVE-2016-9774 | tomcat8: privilege escalation during package upgrade | 2017-01-23 |
| CVE | CVE-2016-8735 | remote code execution | 2017-01-23 |
| CVE | CVE-2016-6816 | information disclosure | 2017-01-23 |
| CVE | CVE-2016-6797 | Apache Tomcat Unrestricted Access to Global Resources | 2017-01-23 |
| CVE | CVE-2016-6796 | Apache Tomcat Security Manager Bypass | 2017-01-23 |
| CVE | CVE-2016-6794 | Apache Tomcat System Property Disclosure | 2017-01-23 |
| CVE | CVE-2016-5388 | Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the pr | 2017-01-23 |
| CVE | CVE-2016-5018 | Apache Tomcat Security Manager Bypass | 2017-01-23 |
| CVE | CVE-2016-0762 | Apache Tomcat Realm Timing Attack | 2017-01-23 |
| CVE | CVE-2016-9775 | tomcat8: privilege escalation during package removal | 2017-01-23 |
| CVE | CVE-2016-9774 | tomcat8: privilege escalation during package upgrade | 2017-01-23 |
| CVE | CVE-2016-8735 | remote code execution | 2017-01-23 |
About
-
Send Feedback to @ubuntu_updates
