Summary: www-servers/tomcat-{6.0.41,7.0.56}: Commons FileUpload Denial of Service Vulnerability (CVE-2014-0050)

| Field | Value | Field | Value |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | minor | CC: | java |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://secunia.com/advisories/56830/ | | |
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=739350 | | |
| Whiteboard: | B3 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 519590 | | |
| Bug Blocks: | | | |
Description
Agostino Sarubbo
As per upstream:

Fixed in Apache Tomcat 7.0.52

Note: The issue below was fixed in Apache Tomcat 7.0.51 but the release vote for the 7.0.51 release candidate did not pass. Therefore, although users must download 7.0.52 to obtain a version that includes a fix for this issue, version 7.0.51 is not included in the list of affected versions.

Please advise if we are ready for stabilization.

CVE-2014-0050 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0050): MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

7.0.52 is in tree, are we ready for stabilization?

From the security URL this is stated as Fixed in 7.0.52. http://tomcat.apache.org/security-7.html

7.0.52 in tree, are we ready to stabilize?

Ping on stable question!

(In reply to Yury German from comment #3)
> 7.0.52 is in tree, are we ready for stabilization?

Ping!

Just committed tomcat-6.0.41 and tomcat-7.0.56.

This issue was resolved and addressed in GLSA 201412-29 at http://security.gentoo.org/glsa/glsa-201412-29.xml by GLSA coordinator Sean Amoss (ackle).
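The CVE text quoted in the thread names the trigger only as "a crafted Content-Type header that bypasses a loop's intended exit conditions". The concrete trigger reported for CVE-2014-0050 was a multipart boundary longer than the read buffer of Commons FileUpload's MultipartStream (4096 bytes by default), and the 1.3.1 fix rejects such a boundary in the constructor instead of looping. The Python below is an added example, not code from this bug report, from Gentoo or from Apache Commons FileUpload: it parses a Content-Type value, applies the same size check ahead of the upload parser (the 4096 figure is taken from MultipartStream's default buffer size; the 70-character limit is from RFC 2046 section 5.1.1), and scans a raw request head so the rule can sit in a proxy, a WAF or a regression test for an unpatched host. The sample requests are constructed, not captured traffic.

```python
"""Pre-check for the CVE-2014-0050 trigger: an oversized multipart boundary.

Added example, not part of the Gentoo bug or of Apache Commons FileUpload.
"""
import re

# RFC 2046 section 5.1.1: a boundary is 1 to 70 characters.
RFC2046_MAX_BOUNDARY = 70
# Assumption taken from MultipartStream.DEFAULT_BUFSIZE in Commons FileUpload.
FILEUPLOAD_DEFAULT_BUFSIZE = 4096
# MultipartStream prepends "\r\n--" to the boundary before searching for it.
BOUNDARY_PREFIX_LEN = 4

# One ";name=value" parameter; value is either a quoted-string or a bare token.
_PARAM_RE = re.compile(r';\s*([^=;\s]+)\s*=\s*("(?:[^"\\]|\\.)*"|[^;]*)')


def parse_content_type(value):
    """Split a Content-Type value into (media_type, {param: value}).

    Parameter names are lower-cased and quoted values are unquoted, so a
    boundary such as "a;b" is returned as the 3-character string a;b.
    """
    media_type, sep, rest = value.partition(';')
    params = {}
    for m in _PARAM_RE.finditer(';' + rest if sep else ''):
        name, val = m.group(1).lower(), m.group(2).strip()
        if len(val) >= 2 and val[0] == '"' and val[-1] == '"':
            val = re.sub(r'\\(.)', r'\1', val[1:-1])  # drop quotes, unescape
        params[name] = val
    return media_type.strip().lower(), params


def check_multipart_boundary(content_type,
                             max_len=RFC2046_MAX_BOUNDARY,
                             bufsize=FILEUPLOAD_DEFAULT_BUFSIZE):
    """Return (ok, reason); ok is False when the request should be rejected."""
    media_type, params = parse_content_type(content_type)
    if not media_type.startswith('multipart/'):
        return True, 'not multipart'
    boundary = params.get('boundary')
    if not boundary:
        return False, 'multipart without boundary'
    # The parser's internal boundary must fit in its buffer with one byte to
    # spare; a longer one could never be found, which is what kept the
    # pre-1.3.1 loop from reaching its exit condition.
    if len(boundary) + BOUNDARY_PREFIX_LEN + 1 > bufsize:
        return False, 'boundary does not fit the parser buffer (CVE-2014-0050 pattern)'
    if max_len is not None and len(boundary) > max_len:
        return False, 'boundary longer than RFC 2046 allows'
    return True, 'ok'


def scan_request_head(raw_head):
    """Locate the Content-Type header in a raw HTTP request head and check it.

    raw_head is the request line plus headers, CRLF-separated, as read off the
    wire before the body; only the first Content-Type header is examined.
    """
    for line in raw_head.split('\r\n')[1:]:
        name, sep, val = line.partition(':')
        if sep and name.strip().lower() == 'content-type':
            return check_multipart_boundary(val.strip())
    return True, 'no Content-Type header'


# Constructed sample request heads (not captured traffic).
BENIGN_HEAD = ('POST /upload HTTP/1.1\r\nHost: example.test\r\n'
               'Content-Type: multipart/form-data; '
               'boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\r\n\r\n')
ATTACK_HEAD = ('POST /upload HTTP/1.1\r\nHost: example.test\r\n'
               'Content-Type: multipart/form-data; boundary=' + 'A' * 5000 +
               '\r\n\r\n')

if __name__ == '__main__':
    for label, head in (('benign', BENIGN_HEAD), ('attack', ATTACK_HEAD)):
        print(label, scan_request_head(head))
```

The RFC 2046 limit is checked second and can be disabled with `max_len=None`, so the report distinguishes a merely non-conforming client from a request that matches the CVE pattern; only the buffer-size check is needed to stop the infinite loop on an unpatched Commons FileUpload, and it is the one a proxy should keep even if it tolerates long boundaries otherwise.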