[ubuntu/focal-security] tomcat9 9.0.31-1ubuntu0.6 (Accepted)
Emilia Torino
emilia.torino at canonical.com
Thu Aug 1 15:17:27 UTC 2024
tomcat9 (9.0.31-1ubuntu0.6) focal-security; urgency=medium
* SECURITY UPDATE: Local privilege escalation via FileStore persistent
sessions
- debian/patches/CVE-2022-23181.patch: Make calculation of session storage
location more robust.
- CVE-2022-23181
* SECURITY UPDATE: Denial of service via EncryptInterceptor
- debian/patches/CVE-2022-29885.patch: EncryptInterceptor only provides
partial protection on untrusted network.
- CVE-2022-29885
Date: 2024-07-31 19:56:11.148633+00:00
Changed-By: Octavio Galland <octavio.galland at canonical.com>
Signed-By: Emilia Torino <emilia.torino at canonical.com>
https://launchpad.net/ubuntu/+source/tomcat9/9.0.31-1ubuntu0.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list