Описание
Security update for tomcat
This update for tomcat fixes the following issues:
- CVE-2024-21733: Fixed leaking of unrelated request bodies in default error page (bsc#1219023, bsc#1220503).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
tomcat-9.0.36-3.121.1
tomcat-admin-webapps-9.0.36-3.121.1
tomcat-docs-webapp-9.0.36-3.121.1
tomcat-el-3_0-api-9.0.36-3.121.1
tomcat-javadoc-9.0.36-3.121.1
tomcat-jsp-2_3-api-9.0.36-3.121.1
tomcat-lib-9.0.36-3.121.1
tomcat-servlet-4_0-api-9.0.36-3.121.1
tomcat-webapps-9.0.36-3.121.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
tomcat-9.0.36-3.121.1
tomcat-admin-webapps-9.0.36-3.121.1
tomcat-docs-webapp-9.0.36-3.121.1
tomcat-el-3_0-api-9.0.36-3.121.1
tomcat-javadoc-9.0.36-3.121.1
tomcat-jsp-2_3-api-9.0.36-3.121.1
tomcat-lib-9.0.36-3.121.1
tomcat-servlet-4_0-api-9.0.36-3.121.1
tomcat-webapps-9.0.36-3.121.1
Ссылки
- Link for SUSE-SU-2024:0829-1
- E-Mail link for SUSE-SU-2024:0829-1
- SUSE Security Ratings
- SUSE Bug 1219023
- SUSE Bug 1220503
- SUSE CVE CVE-2024-21733 page
Описание
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.121.1
SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.121.1
SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.121.1
SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.121.1
Ссылки
- CVE-2024-21733
- SUSE Bug 1219023
- SUSE Bug 1220503