[ubuntu/bionic-security] tomcat8 8.5.39-1ubuntu1~18.04.3 (Accepted)
Maria Emilia Torino
emilia.torino at canonical.com
Tue Sep 10 17:25:36 UTC 2019
tomcat8 (8.5.39-1ubuntu1~18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: XSS attack on SSI printenv command
- debian/patches/CVE-2019-0221.patch: escape debug output to aid
readability
- CVE-2019-0221
* SECURITY UPDATE: DoS via thread exhaustion
- debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
handling to connection window exhaustion on write.
- debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
full allocation case.
- CVE-2019-10072
tomcat8 (8.5.39-1ubuntu1~18.04.2) bionic; urgency=medium
* debian/tomcat8-instance-create: update regex to account for the fact that
the shutdown port is set to 8005 as default. LP: #1827090.
Date: 2019-09-09 21:57:13.568147+00:00
Changed-By: Maria Emilia Torino <emilia.torino at canonical.com>
https://launchpad.net/ubuntu/+source/tomcat8/8.5.39-1ubuntu1~18.04.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list