Описание
Security update for tomcat
This update for tomcat fixes the following issues:
Updated to Tomcat 9.0.85:
- CVE-2023-45648: Improve trailer header parsing (bsc#1216118).
- CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows (bsc#1216120).
- CVE-2023-42795: Improve handling of failures during recycle() methods (bsc#1216119).
- CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing (bsc#1217649)
- CVE-2024-22029: Fixed escalation to root from tomcat user via %post script. (bsc#1219208)
The following non-security issues were fixed:
- Fixed the file permissions for server.xml (bsc#1217768, bsc#1217402).
Find the full release notes at:
Список пакетов
Container containers/apache-tomcat:9-openjdk11
Container containers/apache-tomcat:9-openjdk17
Container containers/apache-tomcat:9-openjdk21
Container containers/apache-tomcat:9-openjdk8
Container suse/manager/5.0/x86_64/server:latest
Image SLES15-SP4-Manager-Server-4-3
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
Image SLES15-SP4-Manager-Server-4-3-BYOS
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
Image server-image
Image tomcat_15_6
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
SUSE Linux Enterprise Module for Web and Scripting 15 SP5
SUSE Linux Enterprise Server 15 SP2-LTSS
SUSE Linux Enterprise Server 15 SP3-LTSS
SUSE Linux Enterprise Server 15 SP4-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Manager Server 4.3
openSUSE Leap 15.5
Ссылки
- Link for SUSE-SU-2024:0472-1
- E-Mail link for SUSE-SU-2024:0472-1
- SUSE Security Ratings
- SUSE Bug 1216118
- SUSE Bug 1216119
- SUSE Bug 1216120
- SUSE Bug 1217402
- SUSE Bug 1217649
- SUSE Bug 1217768
- SUSE Bug 1219208
- SUSE CVE CVE-2023-42794 page
- SUSE CVE CVE-2023-42795 page
- SUSE CVE CVE-2023-45648 page
- SUSE CVE CVE-2023-46589 page
- SUSE CVE CVE-2024-22029 page
Описание
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
Затронутые продукты
Ссылки
- CVE-2023-42794
- SUSE Bug 1216120
Описание
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
Затронутые продукты
Ссылки
- CVE-2023-42795
- SUSE Bug 1216119
Описание
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
Затронутые продукты
Ссылки
- CVE-2023-45648
- SUSE Bug 1216118
Описание
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
Затронутые продукты
Ссылки
- CVE-2023-46589
- SUSE Bug 1217649
Описание
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
Затронутые продукты
Ссылки
- CVE-2024-22029
- SUSE Bug 1219208