[CLSA-2024:1724260496] Fix CVE(s): CVE-2020-9484, CVE-2021-25329, CVE-2022-23181
Type:
security
Severity:
Important
Release date:
2024-08-21 17:14:59 UTC
Description:
* SECURITY UPDATE: still vulnerable to CVE-2020-9484 with a configuration edge case
  - debian/patches/CVE-2021-25329.patch: use java.nio.file.Path for consistent sub-directory checking
  - CVE-2021-25329
* SECURITY UPDATE: time-of-check to time-of-use vulnerability introduced by the CVE-2020-9484 fix
  - debian/patches/CVE-2022-23181.patch: make calculation of session storage location more robust
  - CVE-2022-23181
* Internal tests:
  - debian/rules: fail the build if some of the tests have failed
  - debian/patches/skipping-tests-incompatible-with-firewall.patch: backport from ubuntu18 els
  - debian/patches/dont-test-unsupported-ciphers.patch: skip testing of unsupported ciphers
  - debian/patches/skip-tests-error-and-unstable.patch: skip tests that fail with error and unstable ones
Updated packages:
  • libservlet3.1-java_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:d8fd7abdbe523a987c5753f0ff356ff295e62d0b
  • libservlet3.1-java-doc_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:5cac59f24628f2dd14af79836d299d3e084ff32c
  • libtomcat8-java_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:fabf722dc090677961886ad6869f140a478dddf3
  • tomcat8_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:f35c9f0cb04e8f57c093c0b7ff51db2d709c2b9f
  • tomcat8-admin_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:072552cd3077cd1fa852244b6b3930ea41f6c3b4
  • tomcat8-common_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:e97ef3687366a5f227c7fa112f30304459c72ab9
  • tomcat8-docs_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:e531193fb0628fb4f8db31f7fec7d57a1fec799d
  • tomcat8-examples_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:7c559924b8a6e380e698d5cf1ed6c69651f5febd
  • tomcat8-user_8.0.32-1ubuntu1.13+tuxcare.els1_all.deb
    sha:8fef6c548d1a4022fb29cf9546c863b53a7b3ccf
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.