SUSE-SU-2017:3039-1 -- SLES tomcatID: oval:org.secpod.oval:def:89044662 | Date: (C)2021-07-07 (M)2023-12-14 |
Class: PATCH | Family: unix |
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017-12617: A remote code execution possibility via JSP Upload was fixed Non security bugs fixed: - Fix tomcat-digest classpath error - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |