Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:1866-1

Опубликовано: 17 июл. 2019
Источник: suse-cvrf

Описание

Security update for tomcat

This update for tomcat to version 9.0.21 fixes the following issues:

Security issues fixed:

  • CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055).
  • CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085).
  • CVE-2019-10072: Fixed incomplete patch for CVE-2019-0199 (bsc#1139924).

Please also see http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt) and http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt)

Список пакетов

SUSE Linux Enterprise Server 12 SP4
tomcat-9.0.21-3.13.2
tomcat-admin-webapps-9.0.21-3.13.2
tomcat-docs-webapp-9.0.21-3.13.2
tomcat-el-3_0-api-9.0.21-3.13.2
tomcat-javadoc-9.0.21-3.13.2
tomcat-jsp-2_3-api-9.0.21-3.13.2
tomcat-lib-9.0.21-3.13.2
tomcat-servlet-4_0-api-9.0.21-3.13.2
tomcat-webapps-9.0.21-3.13.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
tomcat-9.0.21-3.13.2
tomcat-admin-webapps-9.0.21-3.13.2
tomcat-docs-webapp-9.0.21-3.13.2
tomcat-el-3_0-api-9.0.21-3.13.2
tomcat-javadoc-9.0.21-3.13.2
tomcat-jsp-2_3-api-9.0.21-3.13.2
tomcat-lib-9.0.21-3.13.2
tomcat-servlet-4_0-api-9.0.21-3.13.2
tomcat-webapps-9.0.21-3.13.2

Ссылки

Описание

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:tomcat-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-admin-webapps-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-docs-webapp-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-el-3_0-api-9.0.21-3.13.2
Ссылки

Описание

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:tomcat-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-admin-webapps-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-docs-webapp-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-el-3_0-api-9.0.21-3.13.2
Ссылки

Описание

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:tomcat-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-admin-webapps-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-docs-webapp-9.0.21-3.13.2
SUSE Linux Enterprise Server 12 SP4:tomcat-el-3_0-api-9.0.21-3.13.2
Ссылки