Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:1009-1

Опубликовано: 01 апр. 2021
Источник: suse-cvrf

Описание

Security update for tomcat

This update for tomcat fixes the following issues:

  • CVE-2021-24122: Fixed an information disclosure if resources are served from the NTFS file system (bsc#1180947).
  • CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912)
  • CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)

Список пакетов

SUSE Enterprise Storage 6
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Linux Enterprise Server 15 SP1-BCL
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Linux Enterprise Server 15 SP1-LTSS
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Manager Proxy 4.0
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Manager Retail Branch Server 4.0
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1
SUSE Manager Server 4.0
tomcat-9.0.36-4.58.1
tomcat-admin-webapps-9.0.36-4.58.1
tomcat-el-3_0-api-9.0.36-4.58.1
tomcat-jsp-2_3-api-9.0.36-4.58.1
tomcat-lib-9.0.36-4.58.1
tomcat-servlet-4_0-api-9.0.36-4.58.1
tomcat-webapps-9.0.36-4.58.1

Ссылки

Описание

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Затронутые продукты
SUSE Enterprise Storage 6:tomcat-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-admin-webapps-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-el-3_0-api-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-jsp-2_3-api-9.0.36-4.58.1
Ссылки

Описание

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

Затронутые продукты
SUSE Enterprise Storage 6:tomcat-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-admin-webapps-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-el-3_0-api-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-jsp-2_3-api-9.0.36-4.58.1
Ссылки

Описание

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Затронутые продукты
SUSE Enterprise Storage 6:tomcat-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-admin-webapps-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-el-3_0-api-9.0.36-4.58.1
SUSE Enterprise Storage 6:tomcat-jsp-2_3-api-9.0.36-4.58.1
Ссылки
Уязвимость SUSE-SU-2021:1009-1