[El-errata] ELSA-2017-3081 Important: Oracle Linux 7 tomcat security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Sun Oct 29 22:40:05 PDT 2017
Oracle Linux Security Advisory ELSA-2017-3081
http://linux.oracle.com/errata/ELSA-2017-3081.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
tomcat-7.0.76-3.el7_4.noarch.rpm
tomcat-admin-webapps-7.0.76-3.el7_4.noarch.rpm
tomcat-docs-webapp-7.0.76-3.el7_4.noarch.rpm
tomcat-el-2.2-api-7.0.76-3.el7_4.noarch.rpm
tomcat-javadoc-7.0.76-3.el7_4.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-3.el7_4.noarch.rpm
tomcat-jsvc-7.0.76-3.el7_4.noarch.rpm
tomcat-lib-7.0.76-3.el7_4.noarch.rpm
tomcat-servlet-3.0-api-7.0.76-3.el7_4.noarch.rpm
tomcat-webapps-7.0.76-3.el7_4.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.76-3.el7_4.src.rpm
Description of changes:
[0:7.0.76-3]
- Resolves: rhbz#1498344 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws
- Resolves: rhbz#1495654 CVE-2017-7674 tomcat: Vary header not added by
CORS filter leading to cache poisoning
- Resolves: rhbz#1470596 CVE-2017-5647 Add follow up revision
More information about the El-errata
mailing list