[ubuntu/questing-security] tomcat10 10.1.40-1ubuntu1.25.10.1 (Accepted)
Vyom Yadav
vyom.yadav at canonical.com
Wed Jun 10 05:48:22 UTC 2026
tomcat10 (10.1.40-1ubuntu1.25.10.1) questing-security; urgency=medium

  * SECURITY UPDATE: WebDAV resource exhaustion via unbounded
    request body
    - debian/patches/CVE-2026-41284.patch: limit LOCK and PROPFIND
      request body size using BoundedByteArrayOutputStream
    - CVE-2026-41284
  * SECURITY UPDATE: HTTP/2 header field validation bypass
    - debian/patches/CVE-2026-41293-pre.patch: add header validation
      infrastructure for HTTP/2 field names and values
    - debian/patches/CVE-2026-41293.patch: improve field-vchar
      validation and simplify error handling in HPackHuffman
    - CVE-2026-41293
  * SECURITY UPDATE: WebSocket authentication header leakage
    - debian/patches/CVE-2026-42498.patch: clear authentication
      headers after use and fix digest auth method handling
    - CVE-2026-42498
  * SECURITY UPDATE: digest authentication NPE bypass
    - debian/patches/CVE-2026-43512.patch: add null check for
      password in RealmBase.getDigest()
    - CVE-2026-43512
  * SECURITY UPDATE: LockOutRealm case sensitivity bypass
    - debian/patches/CVE-2026-43513.patch: normalize username case
      in LockOutRealm when caseSensitive is false
    - CVE-2026-43513
  * SECURITY UPDATE: authorization bypass via multiple method
    constraints
    - debian/patches/CVE-2026-43515.patch: check all matching
      SecurityCollection entries in RealmBase
    - CVE-2026-43515
Date: 2026-06-09 18:13:38.555497+00:00
Changed-By: Vyom Yadav <vyom.yadav at canonical.com>
https://launchpad.net/ubuntu/+source/tomcat10/10.1.40-1ubuntu1.25.10.1
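The LockOutRealm entry above says the fix normalizes username case when the wrapped realm is case-insensitive. The following is an added illustration of why that matters, written for this page and not taken from Tomcat: a lock-out counter keyed on the raw username gives an attacker one fresh budget of guesses per case spelling of the same account, while keying on the lower-cased name shares one budget. The tracker class, the threshold, the `normalise` flag and the list of spellings are all assumptions constructed for the example; Tomcat's own LockOutRealm has different options and internals.

```python
"""Added illustration (not Tomcat code): lock-out counters with and without
username case normalisation, against a case-insensitive backing realm."""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass
class LockOutTracker:
    """Counts consecutive failures per username and locks after a threshold.

    normalise=True lower-cases the key before lookup, the behaviour the
    changelog describes for caseSensitive=false; normalise=False gives
    every spelling of the same name its own independent counter.
    (Hypothetical model, not Tomcat's LockOutRealm.)
    """
    fail_threshold: int = 5
    normalise: bool = False
    failures: dict[str, int] = field(default_factory=dict)

    def _key(self, username: str) -> str:
        return username.lower() if self.normalise else username

    def is_locked(self, username: str) -> bool:
        return self.failures.get(self._key(username), 0) >= self.fail_threshold

    def record_failure(self, username: str) -> None:
        k = self._key(username)
        self.failures[k] = self.failures.get(k, 0) + 1

    def record_success(self, username: str) -> None:
        # A valid login clears the counter for that (normalised) name.
        self.failures.pop(self._key(username), None)


def attempts_before_lockout(tracker: LockOutTracker, spellings: list[str]) -> int:
    """Simulate an attacker rotating through case variants of one account.

    Every attempt fails (wrong password). Returns how many guesses the
    tracker accepted before it reported every spelling as locked.
    """
    attempts = 0
    while True:
        progressed = False
        for name in spellings:
            if tracker.is_locked(name):
                continue
            tracker.record_failure(name)
            attempts += 1
            progressed = True
        if not progressed:
            return attempts


# Constructed sample input: four spellings of the same case-insensitive account.
VARIANTS = ["admin", "Admin", "ADMIN", "aDmIn"]

if __name__ == "__main__":
    print(attempts_before_lockout(LockOutTracker(normalise=False), VARIANTS))  # 20
    print(attempts_before_lockout(LockOutTracker(normalise=True), VARIANTS))   # 5
```

With the default threshold of 5 and four spellings, the unnormalised tracker accepts 20 guesses before everything is locked, four times the configured budget; the normalised one accepts 5. The same multiplier applies to any other canonicalisation the backing realm performs (trailing whitespace, Unicode folding): the lock-out key must be computed exactly the way the realm computes identity.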
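The last entry above describes checking all matching SecurityCollection entries rather than stopping at one. The following is an added example written for this page, not Tomcat's RealmBase, showing the general failure mode: if authorization returns as soon as the first collection whose URL pattern matches has been examined, a later collection that constrains the request's HTTP method is never consulted, and a method that collection was meant to restrict goes through unconstrained. The Constraint model, the pattern syntax, the "every applicable constraint must be satisfied" combination rule and the sample policy are all assumptions of this example; servlet deployment descriptors have richer semantics than this.

```python
"""Added illustration (not Tomcat code): first-match versus all-matches
evaluation of overlapping URL/method security constraints."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Constraint:
    """Hypothetical simplified security constraint.

    pattern: exact path, "/prefix/*" style prefix, or "/" for everything.
    methods: HTTP methods this constraint covers; empty means all methods.
    roles:   roles allowed through; empty means nobody.
    """
    pattern: str
    methods: frozenset[str]
    roles: frozenset[str]

    def matches_path(self, path: str) -> bool:
        if self.pattern == "/":
            return True
        if self.pattern.endswith("/*"):
            prefix = self.pattern[:-2]
            return path == prefix or path.startswith(prefix + "/")
        return path == self.pattern

    def matches_method(self, method: str) -> bool:
        return not self.methods or method in self.methods


def authorize_first_match(constraints, method: str, path: str, user_roles: set[str]) -> bool:
    """Vulnerable evaluation: the first collection whose pattern matches the
    path decides. If its method list does not cover this request it is treated
    as unconstrained, and later collections are never consulted."""
    for c in constraints:
        if c.matches_path(path):
            if not c.matches_method(method):
                return True
            return bool(c.roles & user_roles)
    return True


def authorize_all_matches(constraints, method: str, path: str, user_roles: set[str]) -> bool:
    """Fixed evaluation: every collection matching both path and method is
    gathered, and the caller must satisfy each of them."""
    applicable = [c for c in constraints if c.matches_path(path) and c.matches_method(method)]
    if not applicable:
        return True  # nothing in the policy covers this request
    return all(c.roles & user_roles for c in applicable)


# Constructed sample policy: read access to /admin/* for viewers and admins,
# write methods on the same tree for admins only.
CONSTRAINTS = (
    Constraint("/admin/*", frozenset({"GET"}), frozenset({"viewer", "admin"})),
    Constraint("/admin/*", frozenset({"POST", "PUT", "DELETE"}), frozenset({"admin"})),
)

if __name__ == "__main__":
    req = ("POST", "/admin/users", {"viewer"})
    print("first-match:", authorize_first_match(CONSTRAINTS, *req))   # True  (bypass)
    print("all-matches:", authorize_all_matches(CONSTRAINTS, *req))   # False
```

The viewer's POST is accepted by the first-match evaluator because the GET-only collection is the first one whose pattern matches and its absent POST entry is read as "no constraint", while the all-matches evaluator finds the POST collection and denies. When auditing an authorization layer, test each method against every overlapping pattern, not just the one that appears first in the configuration.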