-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4835-1
security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 22, 2021
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : tomcat9
CVE ID : CVE-2020-13943 CVE-2020-17527
Two vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in information disclosure.
For the stable distribution (buster), these problems have been fixed in
version 9.0.31-1~deb10u3.
We recommend that you upgrade your tomcat9 packages.
For the detailed security status of tomcat9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tomcat9
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmALHM4ACgkQEMKTtsN8 TjbyVhAAsRMdG5035DP9mdfaw5st0w7DBICe6XmZJyM3aHGZCVpH0zXaPEVcI/xn oGiTZTPFiBbS3VpaUSREzCIolNov/wVm9Izly+HYHufVnNRTnd7H9DRL5h72jcjL SiyPNLKtN9xlm/2rzOwyAnNrqw/CSzr4jSsJ0Q25cHuwlJzIOap2uBFx6yELgktK EyfN9yPgQXVa46DVPnOWDocO/DjRbILfP3QRHZ9yITNtxfde/KUOi5kpznWDiYV9 FD4CUN/0/PKS8391oa7upMOaYQSnyi/l70kKlQle03f0/5zMMs13TU7kttyYJ+2L qWQaWcnCDC+CxmvLZYkOEbp+hspJpSkJev3pMCeoPzEGzVPP7ELI92niq4XBZAvv Q09tmQ2XjDw6T78oSGk+iaWWKyxjvIlFOvGPANR1yXp78p7abegJvDDXcFRCEQc/ OCMf8FUjIOCkXjEZNugbEyhD0W/jScqi22d7oPMaslmBBbnd/XGJvfMRS2VXQkBk yzMdqfgEwLMzKMcHw3ZzhKaw1zARbJ4r3imohUc+nrw+0r+tOdqxT3geRTMFgXLI rOMxlbSYTSJFb90uVIH73NsERbjr1BqufK2zG2hbnmFA5KG3Tq+kuEwkCxVYdc5C JBy5onP64pXnlZZKQfDZ7rc5n5BCAceVaJebBLW1oEXlA8ivooU=
=AUbU
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)