Oval Definition:	oval:com.redhat.rhsa:def:20205020
Revision Date: 2020-11-10 Version: 637 Title: RHSA-2020:5020: tomcat security update (Low) Description: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling (CVE-2020-1935) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Family: unix Class: patch Status: Reference(s): CVE-2020-1935 RHSA-2020:5020 Platform(s): Red Hat Enterprise Linux 7 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND tomcat is earlier than 0:7.0.76-16.el7_9 AND tomcat is signed with Red Hat redhatrelease2 key tomcat-admin-webapps is earlier than 0:7.0.76-16.el7_9 AND tomcat-admin-webapps is signed with Red Hat redhatrelease2 key tomcat-docs-webapp is earlier than 0:7.0.76-16.el7_9 AND tomcat-docs-webapp is signed with Red Hat redhatrelease2 key tomcat-el-2.2-api is earlier than 0:7.0.76-16.el7_9 AND tomcat-el-2.2-api is signed with Red Hat redhatrelease2 key tomcat-javadoc is earlier than 0:7.0.76-16.el7_9 AND tomcat-javadoc is signed with Red Hat redhatrelease2 key tomcat-jsp-2.2-api is earlier than 0:7.0.76-16.el7_9 AND tomcat-jsp-2.2-api is signed with Red Hat redhatrelease2 key tomcat-jsvc is earlier than 0:7.0.76-16.el7_9 AND tomcat-jsvc is signed with Red Hat redhatrelease2 key tomcat-lib is earlier than 0:7.0.76-16.el7_9 AND tomcat-lib is signed with Red Hat redhatrelease2 key tomcat-servlet-3.0-api is earlier than 0:7.0.76-16.el7_9 AND tomcat-servlet-3.0-api is signed with Red Hat redhatrelease2 key tomcat-webapps is earlier than 0:7.0.76-16.el7_9 AND tomcat-webapps is signed with Red Hat redhatrelease2 key
BACK