| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for tomcat (Important) |
| Description: |
This update for tomcat to version 9.0.30 fixes the following issues:
Security issue fixed:
- CVE-2019-12418: Fixed a local privilege escalation through by manipulating the RMI registry and performing a man-in-the-middle attack (bsc#1159723). - CVE-2019-17563: Fixed a session fixation attack when using FORM authentication (bsc#1159729).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1139924
1159723
1159729
1162936
1162937
1163178
CVE-2019-10072
CVE-2019-12418
CVE-2019-17563
CVE-2020-8631
CVE-2020-8632
SUSE-SU-2020:0029-1
SUSE-SU-2020:0751-1
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information
tomcat-9.0.30-4.10 is installed
OR tomcat-docs-webapp-9.0.30-4.10 is installed
OR tomcat-embed-9.0.30-4.10 is installed
OR tomcat-javadoc-9.0.30-4.10 is installed
OR tomcat-jsvc-9.0.30-4.10 is installed
|