Explore top 10 tips to secure your open-source projects now. Read More
×
This update for tomcat fixes the following issues: Version update to 7.0.90: - Another bugfix release, for full details see: https://tomcat.apache.org/tomcat-7.0-doc/changelog.html Security issues fixed: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. (bsc#1110850) - CVE-2017-15706: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a result, some scripts may have failed to execute as
#1078677 #1082480 #1082481 #1093697 #1102379
#1102400 #1110850
Cross- CVE-2017-15706 CVE-2018-11784 CVE-2018-1304
CVE-2018-1305 CVE-2018-1336 CVE-2018-8014
CVE-2018-8034
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
https://www.suse.com/security/cve/CVE-2017-15706.html
https://www.suse.com/security/cve/CVE-2018-11784.html
https://www.suse.com/security/cve/CVE-2018-1304.html
https://www.suse.com/security/cve/CVE-2018-1305.html
https://www.suse.com/security/cve/CVE-2018-1336.html
https://www.suse.com/security/cve/CVE-2018-8014.html
https://www.suse.com/security/cve/CVE-2018-8034.html
https://bugzilla.suse.com/1078677
https://bugzilla.suse.com/1082480
https://bugzilla.suse.com/1082481
Get the latest Linux and open source security news straight to your inbox.