Описание
Security update for tomcat
This update for tomcat fixes the following issues:
- CVE-2016-3092: Usage of vulnerable FileUpload package can result in denial of service. (bsc#986359)
- CVE-2016-5388: Setting HTTP_PROXY environment variable via Proxy header. (bsc#988489)
Список пакетов
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Ссылки
- Link for SUSE-SU-2016:2188-1
- E-Mail link for SUSE-SU-2016:2188-1
- SUSE Security Ratings
- SUSE Bug 986359
- SUSE Bug 988489
- SUSE CVE CVE-2016-3092 page
- SUSE CVE CVE-2016-5388 page
Описание
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Затронутые продукты
Ссылки
- CVE-2016-3092
- SUSE Bug 1068865
- SUSE Bug 986359
- SUSE Bug 988489
Описание
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability.
Затронутые продукты
Ссылки
- CVE-2016-5388
- SUSE Bug 988484
- SUSE Bug 988486
- SUSE Bug 988487
- SUSE Bug 988488
- SUSE Bug 988489
- SUSE Bug 988491
- SUSE Bug 988492
- SUSE Bug 989125
- SUSE Bug 989174