| Revision Date: | 2019-07-17 | Version: | 1 |
| Title: | Security update for tomcat (Moderate) |
| Description: |
This update for tomcat to version 9.0.21 fixes the following issues:
Security issues fixed:
- CVE-2019-0199: Fixed a denial of service in the HTTP/2 implementation related to streams with excessive numbers of SETTINGS frames (bsc#1131055). - CVE-2019-0221: Fixed a cross site scripting vulnerability with the SSI printenv command (bsc#1136085). - CVE-2019-10072: Fixed incomplete patch for CVE-2019-0199 (bsc#1139924).
Please also see http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.21_(markt) and http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1131055
1136085
1139924
CVE-2019-0199
CVE-2019-0221
CVE-2019-10072
SUSE-SU-2019:1866-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information
tomcat-9.0.21-3.13.2 is installed
OR tomcat-admin-webapps-9.0.21-3.13.2 is installed
OR tomcat-docs-webapp-9.0.21-3.13.2 is installed
OR tomcat-el-3_0-api-9.0.21-3.13.2 is installed
OR tomcat-javadoc-9.0.21-3.13.2 is installed
OR tomcat-jsp-2_3-api-9.0.21-3.13.2 is installed
OR tomcat-lib-9.0.21-3.13.2 is installed
OR tomcat-servlet-4_0-api-9.0.21-3.13.2 is installed
OR tomcat-webapps-9.0.21-3.13.2 is installed
|