SUSE-SU-2021:3602-1 -- SLES tomcat, javapackages-toolsID: oval:org.secpod.oval:def:89045755 | Date: (C)2021-11-12 (M)2022-11-03 |
Class: PATCH | Family: unix |
This update for tomcat, javapackages-tools fixes the following issue: Security issue fixed: - CVE-2021-30640: Escape parameters in JNDI Realm queries . - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients . - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet . Non-security issues fixed: - Add requires and conflicts to avoid the usage of the incompatible "Java 11" with "Tomcat". - Rebuild javapackages-tools to fix a missing package on s390.
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
tomcat |
javapackages-tools |