- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3204-1
February 20, 2017
tomcat6, tomcat7 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
Tomcat could be made to consume resources if it received specially crafted
network traffic.
Software Description:
– tomcat7: Servlet and JSP engine
– tomcat6: Servlet and JSP engine
Details:
It was discovered that Tomcat incorrectly handled certain HTTP requests. A
remote attacker could possibly use this issue to cause Tomcat to consume
resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
libtomcat7-java 7.0.52-1ubuntu0.10
tomcat7 7.0.52-1ubuntu0.10
Ubuntu 12.04 LTS:
libtomcat6-java 6.0.35-1ubuntu3.11
tomcat6 6.0.35-1ubuntu3.11
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-3204-1
CVE-2017-6056
Package Information:
https://launchpad.net/ubuntu/+source/tomcat7/7.0.52-1ubuntu0.10
https://launchpad.net/ubuntu/+source/tomcat6/6.0.35-1ubuntu3.11
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJYqzjVAAoJEGVp2FWnRL6TjuEP/iM3l8v80KcqMHVNwelbK/6n
0nBYLGno6BMsabicBJmSDGK03ruXWZrZdyUUSpTDfY6o6wIkJQA6qCucyS6IdAYG
dFYpxCBe9ZI9mQRqTpmzhrxUGQLcsPe7932xYCWVl5+4PomN8CMncEFCzzq6Gz+g
qbEHjgZ34zyM511rUqmz/hy7CtkROaMUCI9GGLY+WWM0EuEdPDetajamEo7hJEkl
qAU3LHbfhlDlxpKA40uSjWXHY7vwTCdWKJrptjwDEYJbZeLKKmMUVlyc6jE5L2Jw
kEJ2zxBnOk1ViHGTvVFrttZxJsgcnHasimI0MRles6t0GgsPuyD9kzOi/06vohhp
x/gHWjA3rAQEsn2+y14ci1uhzbyqUg/c8gKKIOUycdqOxSG7O6OBrPs6zAL1ngcz
7mpNLXmCSosxkIBvO9aImGHpnqKNFXrO5AXrdLTz8ExZzfwqw41ePgFRDKi9iDtS
OU1LEdq9mlFeYctmr9rtJ/xBSq5R2VqxSQDIRu2GO5w/AbDmNblZlPoW4hlnXyKc
mGGjOs318Yt/JabBP+BiuwwVl5n1mmOAxnXgeejSOevZRAf9HqdNevbxGb/xVfBk
vf4x2Z7tkhC2gBEA79HSLyLDgrwgfkJhdlHgmsR1fWn2KxiXazIM4CZnzqnyAoyi
l1fU3xwqde0byBpn2nxO
=b1Zp
—–END PGP SIGNATURE—–
—
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2017-02-0152-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
