Release date:
2026-05-27 08:17:21 UTC
Description:
- CVE-2026-43513: add case sensitive attribute to LockOutRealm
- CVE-2026-43512: fix the handling of invalid users with DIGEST authentication
- CVE-2026-43514: switch AJP secret comparison to a constant time algorithm
- CVE-2026-43515: ensure RealmBase finds all matching extension based constraints
- CVE-2026-41284: add a configurable limit for WebDAV XML request bodies
Updated packages:
-
tomcat-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:b0be29fd30ef5dd7527032c8641176803f8fc30883a9a8f69767ee22540a63e6
-
tomcat-admin-webapps-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:b77a8dd924881a95e4bdf7e205882b003abb4c56f22aa358dd115052f9076a16
-
tomcat-docs-webapp-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:e5abeef586c35c1a7fbeb3d632440157324ad37e7088aea40a5eafd46098a937
-
tomcat-el-2.2-api-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:6361ed20db870a0ff0210ef17a572636cb78a6eb3360ac71926f61378356911f
-
tomcat-javadoc-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:e3e680a9fe4f7b986e5e10b016624b375df3184812cd8ef5a02aeca8dd77d47f
-
tomcat-jsp-2.2-api-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:477d2fc97a0b46b3af56b9659f7f5b79168e227b6d9cdb57306a9513f97fd3fb
-
tomcat-jsvc-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:39074ae2f4f5d585bbfc12b12230a23acd785e4dd58be9872379e6cf71995c91
-
tomcat-lib-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:1f11e4d6772471719a63c8796e33622b022df4ca7f2b30a3a181ab7aa65906aa
-
tomcat-servlet-3.0-api-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:ee4ed25e9e2b68e097ae361be9f56f07f37779f68d2f21170716546e673bd32c
-
tomcat-webapps-7.0.76-10.amzn2.0.16.tuxcare.els2.noarch.rpm
sha:b9ac4772255ebd89be21f6c2f8534808a8cc3a649ea7684c546ae2a0ae4151fd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
