1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5522-3] tomcat9 regression update

    From Markus Koschany@21:1/5 to All on Tue Oct 17 00:00:02 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5522-3 security@debian.org https://www.debian.org/security/ Markus Koschany October 16, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : tomcat9
    CVE ID : CVE-2023-44487

    A regression was discovered in the Http2UpgradeHandler class of Tomcat 9 introduced by the patch to fix CVE-2023-44487 (Rapid Reset Attack). A wrong value for the overheadcount variable forced HTTP2 connections to close early.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 9.0.43-2~deb11u9.

    We recommend that you upgrade your tomcat9 packages.

    For the detailed security status of tomcat9 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUtrGRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRklBAAg7AmsDgaOQ6E4PR41JewkEIlV/n/jfqEkhHXRxG9zG4yijcszgTcF3Ii rf3lBgytAMlSD7dRyy9HG6tRpgMTaajEgeAZdeL01mQf0JnJMg3WPZbkDV9kgyzy TMhKjMwaSi65nuBETud5OTZIVsnpaonWsQsTxjaIrbdGnQFJrr13cRVKrY8aT5Ur AxtxTFL8FGQxU+RgTehV5KMbtCY9kZhemwyQ6LRk1UstWhype8/ydK7UCaQEJ777 zyl7ioGvv15GmZMMJCZ1zH0Z6FXlhbVDLCcVshJN3/ddlVTC9Xx10lCEx/hZY29x b6Stq/YMayZMoKQY2V3JeQbM3OMCPalpcPU+/WbhuX9eZuWHapnlyTwgsjQOVLNc prPfuUAAGCmNFuPMqN//EtmSQV5SP+dqJrwcGMxWDmuagB4qD9nbwtr1zNb5QJpK rK24yHlY3Pmu1yegPIeZIJxuFMc5N5cIDj7BfKY51nnV5kbHRshSacBmbm4Sxvfv lqEPeqZKogGIAXvmPSeC1gCoL0l98rKVOq3bc8+9z2TgB7W/vB60/IyM1pR8svPu +ShPWFh+tkWvt4PjgZ+qThM+xGkcMX12lhRDmFhs4rE8IQIDChiZWBMReggtw6Ii ETuYDmr5EAd5u5ymMyQmououeNKwRDi4AbGRPV7JddIVkcbUxgk=
    =ENCN
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)