|
|
Log in / Subscribe / Register

Oracle alert ELSA-2017-1809 (tomcat)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2017-1809 Important: Oracle Linux 7 tomcat security update 


Date:
    	      Thu, 27 Jul 2017 22:22:18 -0700


Message-ID:
    	      <727f7fc2-8fc0-f197-9b18-4d8c6f2ae5dc@oracle.com>


Oracle Linux Security Advisory ELSA-2017-1809

http://linux.oracle.com/errata/ELSA-2017-1809.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
tomcat-7.0.69-12.el7_3.noarch.rpm
tomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm
tomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm
tomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm
tomcat-javadoc-7.0.69-12.el7_3.noarch.rpm
tomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm
tomcat-jsvc-7.0.69-12.el7_3.noarch.rpm
tomcat-lib-7.0.69-12.el7_3.noarch.rpm
tomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm
tomcat-webapps-7.0.69-12.el7_3.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.69-12....



Description of changes:

[0:7.0.69-12]
- Resolves: rhbz#1441487 CVE-2017-5648 tomcat: Calls to application 
listeners did not use the appropriate facade object
- Resolves: rhbz#1441480 CVE-2017-5647 tomcat: Incorrect handling of 
pipelined requests when send file was used
- Resolves: rhbz#1459746 CVE-2017-5664 tomcat: Security constrained 
bypass in error page mechanism


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds