UbuntuUpdates.org

Package "tomcat8"

Name: tomcat8

Description:

Apache Tomcat 8 - Servlet and JSP engine

Latest version: 8.5.30-1ubuntu1.4
Release: bionic (18.04)
Level: updates
Repository: universe
Homepage: http://tomcat.apache.org

Links

Save this URL for the latest version of "tomcat8": https://www.ubuntuupdates.org/tomcat8


Download "tomcat8"


Other versions of "tomcat8" in Bionic

Repository Area Version
base universe 8.5.30-1ubuntu1
security universe 8.5.30-1ubuntu1.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 8.5.30-1ubuntu1.4 2018-08-27 20:06:53 UTC

  tomcat8 (8.5.30-1ubuntu1.4) bionic-security; urgency=medium

  * SECURITY UPDATE:
   - CVE-2018-1336: A bug in the UTF-8 decoder can lead to DoS
   - CVE-2018-8034: host name verification missing in WebSocket client
   - CVE-2018-8037: Information Disclosure

 -- Thomas Opfer <email address hidden> Mon, 13 Aug 2018 22:23:56 +0200

Source diff to previous version
CVE-2018-1336 A bug in the UTF-8 decoder can lead to DoS
CVE-2018-8034 host name verification missing in WebSocket client
CVE-2018-8037 If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that cou

Version: 8.5.30-1ubuntu1.3 2018-08-09 21:06:25 UTC

  tomcat8 (8.5.30-1ubuntu1.3) bionic; urgency=medium

  * Search for Java 10 and 11 runtimes (LP: #1780345)

 -- Stefano Rivera <email address hidden> Mon, 16 Jul 2018 20:41:29 -0700

Source diff to previous version
1780345 Tomcat8 doesn't detect JRE \u003e 8 when the default-jre package isn't installed

Version: 8.5.30-1ubuntu1.2 2018-05-30 22:06:46 UTC

  tomcat8 (8.5.30-1ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: CORS filter has insecure defaults
    - debian/patches/CVE-2018-8014.patch: change defaults in
      java/org/apache/catalina/filters/CorsFilter.java,
      java/org/apache/catalina/filters/LocalStrings.properties,
      test/org/apache/catalina/filters/TestCorsFilter.java,
      test/org/apache/catalina/filters/TesterFilterConfigs.java.
    - CVE-2018-8014

 -- Marc Deslauriers <email address hidden> Wed, 30 May 2018 09:37:13 -0400

CVE-2018-8014 The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are ins



About   -   Send Feedback to @ubuntu_updates