1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4984-1] tomcat9 security update

    From Moritz Muehlenhoff@21:1/5 to All on Thu Oct 14 22:40:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4984-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 14, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : tomcat9
    CVE ID : CVE-2021-30640 CVE-2021-41079

    Two vulnerabilities were discovered in the Tomcat servlet and JSP engine,
    which could result in denial of service.

    For the oldstable distribution (buster), these problems have been fixed
    in version 9.0.31-1~deb10u6.

    For the stable distribution (bullseye), these problems have been fixed in version 9.0.43-2~deb11u2.

    We recommend that you upgrade your tomcat9 packages.

    For the detailed security status of tomcat9 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFok+gACgkQEMKTtsN8 TjZDbg/8D0kfepA/7f6I94IQaO2l83ct22L0KRvFs71rW488M9R9SeBYuwWG63kV Lfptm7+djz1lvbPcHCtbTtmWi6jfLpL/p0QU4NbRoGiv4gkqmBCEhKLKmVWSMp/B KINQXc7QcxpaVN8m2RfIhh4z9kmjcuUTUlfwD5rX253gsfXAPsiQv8KyXDUZV4ga 9GmFllzwWXGA0rfgzPy9owqXbjqs9ZeJj28EkSvxnnPq3U13OQbdH6uqh4MtYF25 kiyL7WClz/zV+ea60GySznHIl/qs0x+JqD4WhFsRImvr8i5YGzz6c7bapU2wdOND FkIJ9/zpxwWvzmtzTqxwlRgKz2IpFz/4xXEFQXpGAMpSP2luXW4BBq/IKzQNqb84 uIGJmHRiDEiwQ9C3JPK4LGP8lvkqmCDQRCDfF/Q8V8DW1KZJKbIHa0ZRcTj07JlB 9CJvVAWoiwrzFCgnt249Y++pdxlk8bP1d4xhD5eU88+B+t3YEtiqhJpKqlkxSVFx M/twu7ivJtQBZ6MTyP4L84evi8YvPKQcFwydP3H+cJU5+BjkbSnxhP7Era3+tKDH +D0W4u9CUH+GFYvXwclZsXBPQOWyEeDoS7mG3JLQ2eP5EvS9I+8e++aHC57JY8rd 22pSwzrEAf7kqEqct3kIpUHbN/zfemOrSlx8Apm4Ns3ze1380/o=
    =sRPH
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)