Skip to content

CentOS 7 - Updates for x86_64: system environment/daemons: tomcat

tomcat - Apache Servlet/JSP Engine, RI for Servlet 3.0/JSP 2.2 API

Website: http://tomcat.apache.org/
License: ASL 2.0
Vendor: CentOS
Description:
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.

Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.

Packages

tomcat-7.0.76-16.el7_9.noarch [93 KiB] Changelog by Hui Wang (2020-09-23):
- Resolves: rhbz#1814315 CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling
tomcat-7.0.76-15.el7.noarch [93 KiB] Changelog by Coty Sutherland (2020-07-17):
- Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS
tomcat-7.0.76-12.el7_8.noarch [92 KiB] Changelog by Coty Sutherland (2020-05-21):
- Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence
tomcat-7.0.76-11.el7_7.noarch [92 KiB] Changelog by Coty Sutherland (2020-03-03):
- Resolves: rhbz#1806801 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
tomcat-7.0.76-10.el7_7.noarch [91 KiB] Changelog by Coty Sutherland (2019-09-03):
- Resolves: rhbz#1748541 Bump tomcat release number
tomcat-7.0.76-9.el7_6.noarch [90 KiB] Changelog by Coty Sutherland (2019-02-12):
- Resolves: rhbz#1641873 CVE-2018-11784 tomcat: Open redirect in default servlet
tomcat-7.0.76-8.el7_5.noarch [90 KiB] Changelog by Coty Sutherland (2018-10-01):
- Resolves: rhbz#1608608 CVE-2018-1336 tomcat: A bug in the UTF 8 decoder can lead to DoS
tomcat-7.0.76-7.el7_5.noarch [90 KiB] Changelog by Jean-Frederic Clere (2018-07-18):
- Resolves: rhbz#1607893 Deadlock occurs while sending to a closing session.
tomcat-7.0.76-6.el7.noarch [90 KiB] Changelog by Coty Sutherland (2017-11-08):
- Related: rhbz#1505762 Remove erroneous useradd
tomcat-7.0.76-3.el7_4.noarch [89 KiB] Changelog by Coty Sutherland (2017-10-12):
- Resolves: rhbz#1498344 CVE-2017-12615 CVE-2017-12617 tomcat: various flaws
- Resolves: rhbz#1495654 CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning
- Resolves: rhbz#1470596 CVE-2017-5647 Add follow up revision
tomcat-7.0.76-2.el7.noarch [89 KiB] Changelog by Coty Sutherland (2017-06-08):
- Resolves: rhbz#1459747 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
- Resolves: rhbz#1441481 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used
tomcat-7.0.69-12.el7_3.noarch [89 KiB] Changelog by Coty Sutherland (2017-06-09):
- Resolves: rhbz#1441487 CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object
- Resolves: rhbz#1441480 CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used
- Resolves: rhbz#1459746 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
tomcat-7.0.69-11.el7_3.noarch [88 KiB] Changelog by Coty Sutherland (2017-03-28):
- Resolves: rhbz#1413591 CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing
- Resolves: rhbz#1402662 CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests
tomcat-7.0.69-10.el7.noarch [88 KiB] Changelog by Coty Sutherland (2016-08-25):
- Related: rhbz#1368122
tomcat-7.0.54-8.el7_2.noarch [85 KiB] Changelog by Coty Sutherland (2016-08-25):
- Resolves: rhbz#1368121
tomcat-7.0.54-2.el7_1.noarch [85 KiB] Changelog by David Knox (2015-03-24):
- Resovles: CVE-2014-0227

Listing created by repoview