[El-errata] ELSA-2017-0935 Moderate: Oracle Linux 7 tomcat security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Apr 12 18:03:15 PDT 2017
Oracle Linux Security Advisory ELSA-2017-0935
http://linux.oracle.com/errata/ELSA-2017-0935.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
tomcat-7.0.69-11.el7_3.noarch.rpm
tomcat-admin-webapps-7.0.69-11.el7_3.noarch.rpm
tomcat-docs-webapp-7.0.69-11.el7_3.noarch.rpm
tomcat-el-2.2-api-7.0.69-11.el7_3.noarch.rpm
tomcat-javadoc-7.0.69-11.el7_3.noarch.rpm
tomcat-jsp-2.2-api-7.0.69-11.el7_3.noarch.rpm
tomcat-jsvc-7.0.69-11.el7_3.noarch.rpm
tomcat-lib-7.0.69-11.el7_3.noarch.rpm
tomcat-servlet-3.0-api-7.0.69-11.el7_3.noarch.rpm
tomcat-webapps-7.0.69-11.el7_3.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.69-11.el7_3.src.rpm
Description of changes:
[0:7.0.69-11]
- Resolves: rhbz#1413591 CVE-2016-8745 tomcat: information disclosure
due to incorrect Processor sharing
- Resolves: rhbz#1402662 CVE-2016-6816 tomcat: HTTP Request smuggling
vulnerability due to permitting invalid character in HTTP requests
More information about the El-errata
mailing list