Release date:
2024-12-24 18:25:40 UTC
Description:
* SECURITY UPDATE: Missing secure attribute in session cookies with
RemoteIpFilter
- debian/patches/CVE-2023-28708.patch: Fix JSessionId secure attribute
missing with RemoteIpFilter and X-Forwarded-Proto set to https
- CVE-2023-28708
Updated packages:
-
libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:ead3c489b366310db7ec00e76cc0b8ff01969d8b
-
libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:2ff0e0c08c2b985709546ea3e3a3155171c05b66
-
tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:79b1aee238af3f7260cdbccb5ac27ec33d73bc15
-
tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:c3906e9636ddc859b7dce4afa621a90c460f94e5
-
tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:b3e43032a3136f3b9cce898609a376d36fb02365
-
tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:7bc0f09aa028ac5e34974cf3d93f7fabccfc4fbb
-
tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:a918ab9ec6f819cd3ac80e97a465c9f3fa1390c3
-
tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els8_all.deb
sha:ecf7d10b172ee7898c7246024a05a07e4ac79273
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
