Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3787-2] tomcat7 regression update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3787-2] tomcat7 regression update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3787-2] tomcat7 regression update
  • Date: Wed, 22 Feb 2017 16:14:49 +0000
  • List-archive: https://lists.debian.org/msgid-search/E1cgZZ3-0000Jn-CC AT master.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <carnil AT master.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 22 Feb 2017 16:15:08 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <vmKcwZiYxkI.A.gED.MkbrYB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3787-2 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tomcat7

The update for tomcat7 issued as DSA-3787-1 caused that the server could
return HTTP 400 errors under certain circumstances. Updated packages are
now available to correct this issue. For reference, the original
advisory text follows.

It was discovered that a programming error in the processing of HTTPS
requests in the Apache Tomcat servlet and JSP engine may result in
denial of service via an infinite loop.

For the stable distribution (jessie), this problem has been fixed in
version 7.0.56-3+deb8u9.

We recommend that you upgrade your tomcat7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlituMFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0T4ORAAnj6MlryuaiMsuFZiQOCxwfZOeUypx3ls8PKdumLY9YnKLZIz5IS98cLn
zvCCC5TqiGOOrAB7G4+jHMuX5rGhXSyCMHnR1EMtGsEaKP4AbjmbGn5E41SX3+hP
TRFVIHY6mTwZa+J2fQ3I8KSqatd120edRxDUYkqF1bk9PSfqPa9jd+Z4jZrT4/9I
WePo6YUppH9Oy+0rp9obIRYze3kr1VMUpH/qU9Flv9phgAx5rQK23gu9f8Bu7WSS
ID8pNVxio5g86Ko2egJdlblcfoGRXA5J/GLWv8tyy22P593SjDUDQQsAmznlDLV0
EixfS9dwBdrUK5LImtH9wa02C2gcZQVXsW2TKlf8TXmw1XN0ODYZWVKJ39egRoYc
pls3Cd0RPgWUsnMBFwerAa0BQs3hVKQwx6Dzh6eIQ3b7kuI3B9xefgKgDl/6d7O1
RP41aI/5CRzBrW3brCPdcPEesuZKrN/3HYDc6XRc6m1jduAz+SIQNbp7UyufK4JK
pK5y94qET5yeFyCj8uaMr6IlXlX3A2dwTwXmCANe9emvhuXYu4HZG/4m0VeMikIH
s6pB0b7gFpizk3KtAbqB2NNH7PhN2SJqNyuN+rqbwVHrm3tC+0yF69qQnxseRfcw
2/kWm2KuCls3GCMCx5Tcak45PDEO00dmNB5KW2MPGygom1h4xoo=
=UFFy
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 3787-2] tomcat7 regression update, Salvatore Bonaccorso, 22.02.2017

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang