[USN-7106-1] Tomcat vulnerabilities

Bruce Cable bruce.cable at canonical.com
Mon Nov 18 00:57:47 UTC 2024 

==========================================================================
Ubuntu Security Notice USN-7106-1
November 13, 2024

tomcat9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Tomcat.

Software Description:
- tomcat9: Servlet and JSP engine

Details:

It was discovered that Tomcat did not include the secure attribute for
session cookies when using the RemoteIpFilter with requests from a
reverse proxy. An attacker could possibly use this issue to leak
sensitive information. (CVE-2023-28708)

It was discovered that Tomcat had a vulnerability in its FORM
authentication feature, leading to an open redirect attack. An attacker
could possibly use this issue to perform phishing attacks. (CVE-2023-41080)

It was discovered that Tomcat incorrectly recycled certain objects,
which could lead to information leaking from one request to the next.
An attacker could potentially use this issue to leak sensitive
information. (CVE-2023-42795)

It was discovered that Tomcat incorrectly handled HTTP trailer headers. A
remote attacker could possibly use this issue to perform HTTP request
smuggling. (CVE-2023-45648)

It was discovered that Tomcat incorrectly handled socket cleanup, which
could lead to websocket connections staying open. An attacker could
possibly use this issue to cause a denial of service. (CVE-2024-23672)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   libtomcat9-java                 9.0.58-1ubuntu0.1+esm4
                                   Available with Ubuntu Pro
   tomcat9                         9.0.58-1ubuntu0.1+esm4
                                   Available with Ubuntu Pro

Ubuntu 20.04 LTS
   libtomcat9-java                 9.0.31-1ubuntu0.8
   tomcat9                         9.0.31-1ubuntu0.8

Ubuntu 18.04 LTS
   libtomcat9-java                 9.0.16-3ubuntu0.18.04.2+esm4
                                   Available with Ubuntu Pro
   tomcat9                         9.0.16-3ubuntu0.18.04.2+esm4
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-7106-1
   CVE-2023-28708, CVE-2023-41080, CVE-2023-42795, CVE-2023-45648,
   CVE-2024-23672

Package Information:
   https://launchpad.net/ubuntu/+source/tomcat9/9.0.31-1ubuntu0.8


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20241118/9570971b/attachment.sig>

More information about the ubuntu-security-announce mailing list