Release date:
2022-12-09 17:22:43 UTC
Description:
* SECURITY UPDATE: The SSI printenv command in Apache Tomcat 9.0.0.M1
to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided
data without escaping and is, therefore, vulnerable to XSS.
- debian/patches/CVE-2019-0221.patch: Escape debug output to aid
readability
- CVE-2019-0221
Updated packages:
-
libservlet3.0-java_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:dbbb22e1c0524e710f4de60833e0e7a17f85a639
-
libservlet3.0-java-doc_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:9092142407fb948004c56fd8917bfcf2af5de38f
-
libtomcat7-java_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:0c1db601d999ddbf4a8a6536333b8d1e0228438e
-
tomcat7_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:5d55ccd44e03d1f21ddcc3ba4b5e2434d158973e
-
tomcat7-admin_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:50c56d74ae8832199c7e1fb5fbe7fd564dc90b47
-
tomcat7-common_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:c915380ce2c6a5ecbff57d20b274e6892a45602e
-
tomcat7-docs_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:493cc480cf4ea041821478f5018e7bee8bbcf284
-
tomcat7-examples_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:2bdfb678388cd3f606b6044f656d2126b3f8fab4
-
tomcat7-user_7.0.68-1ubuntu0.4+tuxcare.els2_all.deb
sha:381b5ca3b43b3d89d2a109f9c9a0fbec0d9bca74
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
