You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa tomcat6 i tomcat7

Sigurnosni nedostatak programskog paketa tomcat6 i tomcat7

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-3204-1
February 20, 2017

tomcat6, tomcat7 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

Tomcat could be made to consume resources if it received specially crafted
network traffic.

Software Description:
– tomcat7: Servlet and JSP engine
– tomcat6: Servlet and JSP engine

Details:

It was discovered that Tomcat incorrectly handled certain HTTP requests. A
remote attacker could possibly use this issue to cause Tomcat to consume
resources, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libtomcat7-java 7.0.52-1ubuntu0.10
tomcat7 7.0.52-1ubuntu0.10

Ubuntu 12.04 LTS:
libtomcat6-java 6.0.35-1ubuntu3.11
tomcat6 6.0.35-1ubuntu3.11

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3204-1
CVE-2017-6056

Package Information:
https://launchpad.net/ubuntu/+source/tomcat7/7.0.52-1ubuntu0.10
https://launchpad.net/ubuntu/+source/tomcat6/6.0.35-1ubuntu3.11

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJYqzjVAAoJEGVp2FWnRL6TjuEP/iM3l8v80KcqMHVNwelbK/6n
0nBYLGno6BMsabicBJmSDGK03ruXWZrZdyUUSpTDfY6o6wIkJQA6qCucyS6IdAYG
dFYpxCBe9ZI9mQRqTpmzhrxUGQLcsPe7932xYCWVl5+4PomN8CMncEFCzzq6Gz+g
qbEHjgZ34zyM511rUqmz/hy7CtkROaMUCI9GGLY+WWM0EuEdPDetajamEo7hJEkl
qAU3LHbfhlDlxpKA40uSjWXHY7vwTCdWKJrptjwDEYJbZeLKKmMUVlyc6jE5L2Jw
kEJ2zxBnOk1ViHGTvVFrttZxJsgcnHasimI0MRles6t0GgsPuyD9kzOi/06vohhp
x/gHWjA3rAQEsn2+y14ci1uhzbyqUg/c8gKKIOUycdqOxSG7O6OBrPs6zAL1ngcz
7mpNLXmCSosxkIBvO9aImGHpnqKNFXrO5AXrdLTz8ExZzfwqw41ePgFRDKi9iDtS
OU1LEdq9mlFeYctmr9rtJ/xBSq5R2VqxSQDIRu2GO5w/AbDmNblZlPoW4hlnXyKc
mGGjOs318Yt/JabBP+BiuwwVl5n1mmOAxnXgeejSOevZRAf9HqdNevbxGb/xVfBk
vf4x2Z7tkhC2gBEA79HSLyLDgrwgfkJhdlHgmsR1fWn2KxiXazIM4CZnzqnyAoyi
l1fU3xwqde0byBpn2nxO
=b1Zp
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa gtk-vnc

Otkriveni su sigurnosni nedostaci u programskom paketu gtk-vnc za Ubuntu 12.04 LTS i 14.04 LTS. Otkriveni nedostaci uzrokovani su neispravnim...

Close