ELSA-2015-0991

Опубликовано: 12 мая 2015

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2015-0991: tomcat6 security and bug fix update (MODERATE)

[0:6.0.24-83]

Related: rhbz#1207048 tomcat initscript didn't assign
RETVAL after killing tomcat process

[0:6.0.24-82]

Resolves: rhbz#1207048 Tomcat init script needs to be adjusted
to kill tomcat if stop is unsuccessful

[0:6.0.24-81]

Resolves: CVE-2014-0227 Limited DoS in chunked transfer encoding
input filter

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

tomcat6

6.0.24-83.el6_6

tomcat6-admin-webapps

6.0.24-83.el6_6

tomcat6-docs-webapp

6.0.24-83.el6_6

tomcat6-el-2.1-api

6.0.24-83.el6_6

tomcat6-javadoc

6.0.24-83.el6_6

tomcat6-jsp-2.1-api

6.0.24-83.el6_6

tomcat6-lib

6.0.24-83.el6_6

tomcat6-servlet-2.5-api

6.0.24-83.el6_6

tomcat6-webapps

6.0.24-83.el6_6

Oracle Linux i686

tomcat6

6.0.24-83.el6_6

tomcat6-admin-webapps

6.0.24-83.el6_6

tomcat6-docs-webapp

6.0.24-83.el6_6

tomcat6-el-2.1-api

6.0.24-83.el6_6

tomcat6-javadoc

6.0.24-83.el6_6

tomcat6-jsp-2.1-api

6.0.24-83.el6_6

tomcat6-lib

6.0.24-83.el6_6

tomcat6-servlet-2.5-api

6.0.24-83.el6_6

tomcat6-webapps

6.0.24-83.el6_6

Связанные CVE

CVE-2014-0227

Ссылки на источники

Связанные уязвимости

CVE-2014-0227

ubuntu

больше 10 лет назад

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.

CVE-2014-0227

redhat

больше 10 лет назад

CVE-2014-0227

nvd

больше 10 лет назад

CVE-2014-0227

debian

больше 10 лет назад

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apach ...

GHSA-42j3-498q-m6vp

github

около 3 лет назад

Improper Input Validation in Apache Tomcat