[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2407-1] tomcat8 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2407-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
October 14, 2020                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : tomcat8
Version        : 8.5.54-0+deb9u4
CVE ID         : CVE-2020-13943

It was discovered that there was an issue in Apache Tomcat 8, the
Java application server. An excessive number of concurrent streams
could have resulted in users seeing responses for unexpected
resources.

For Debian 9 "Stretch", this problem has been fixed in version
8.5.54-0+deb9u4.

We recommend that you upgrade your tomcat8 packages.

For the detailed security status of tomcat8 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tomcat8

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl+G3N4ACgkQHpU+J9Qx
HlgLnQ/+I30tFJC8N5ed6pd5G4Re2Hq78J/zo+dIuy/pBc/aCBBDSaDxYPJP+QKt
C9JK7aDh1ZR0QtF5OqeyVapS7MzDsAXSUte/ZIh+cgHEDwcRXrg/UtyRcLqUSxxP
ScZV9hPKPDI53+64sBogY7YzFPg42GfgNw8dvvhLErZTJgl3U8z0F6uLhDCPA0BR
HcYUQf09UQ3ZNyKnGM5WsI/0F1pa3uRuTK1Qp5J8PTY+6Q8NMgKG7fHKZUJIyzIU
Pa2md2v76cjhQaAMz+9yNQqELI8KjisCCU4I8Mv//60mvhOyuCX2y2rTAGzBDqC/
pznnudD8u/J3N8ZN7OCH8JefBRc2iRCgkIqg6Pz6as2mMHSfjXiPmuoByCpnrDkX
XjmE72abH2vq/xNboA4nN7QQxsRjQJEGTFBPLfgtVlpbnRACrx+Mr0t716Ovphsh
N/QFoocdDun6YVPU8zJnnaDz5gShQmyDWGcU5WFL591sTNJQIBujLKrS4KIXgFjy
6AxdCq5FMKk5NQI0Qo5/9jL6EYnDBdrjq3JmCXvkUFT9OATupP23yYjYxnHJrHEF
vsKheusL3r+ovSSSY2aaiH1H+/ePLcGph8cAwWI2OLc83TizuGMxuSSHe7xP2iUK
u4liLPp6uuFgs5avEO36+VzcogLcMjRP4BQ+NUmECi6TujKVtTQ=
=LTeF
-----END PGP SIGNATURE-----


Reply to: