• [SECURITY] [DSA 4835-1] tomcat9 security update

    From Moritz Muehlenhoff@21:1/5 to All on Fri Jan 22 20:00:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4835-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 22, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : tomcat9
    CVE ID : CVE-2020-13943 CVE-2020-17527

    Two vulnerabilities were discovered in the Tomcat servlet and JSP
    engine, which could result in information disclosure.

    For the stable distribution (buster), these problems have been fixed in
    version 9.0.31-1~deb10u3.

    We recommend that you upgrade your tomcat9 packages.

    For the detailed security status of tomcat9 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmALHM4ACgkQEMKTtsN8 TjbyVhAAsRMdG5035DP9mdfaw5st0w7DBICe6XmZJyM3aHGZCVpH0zXaPEVcI/xn oGiTZTPFiBbS3VpaUSREzCIolNov/wVm9Izly+HYHufVnNRTnd7H9DRL5h72jcjL SiyPNLKtN9xlm/2rzOwyAnNrqw/CSzr4jSsJ0Q25cHuwlJzIOap2uBFx6yELgktK EyfN9yPgQXVa46DVPnOWDocO/DjRbILfP3QRHZ9yITNtxfde/KUOi5kpznWDiYV9 FD4CUN/0/PKS8391oa7upMOaYQSnyi/l70kKlQle03f0/5zMMs13TU7kttyYJ+2L qWQaWcnCDC+CxmvLZYkOEbp+hspJpSkJev3pMCeoPzEGzVPP7ELI92niq4XBZAvv Q09tmQ2XjDw6T78oSGk+iaWWKyxjvIlFOvGPANR1yXp78p7abegJvDDXcFRCEQc/ OCMf8FUjIOCkXjEZNugbEyhD0W/jScqi22d7oPMaslmBBbnd/XGJvfMRS2VXQkBk yzMdqfgEwLMzKMcHw3ZzhKaw1zARbJ4r3imohUc+nrw+0r+tOdqxT3geRTMFgXLI rOMxlbSYTSJFb90uVIH73NsERbjr1BqufK2zG2hbnmFA5KG3Tq+kuEwkCxVYdc5C JBy5onP64pXnlZZKQfDZ7rc5n5BCAceVaJebBLW1oEXlA8ivooU=
    =AUbU
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)