| Field | Value |
|---|---|
| Summary | <www-servers/tomcat-{7.0.105, 8.5.57}: Multiple vulnerabilities (CVE-2020-{13934,13935}) |
| Product | Gentoo Security |
| Component | Vulnerabilities |
| Status | RESOLVED FIXED |
| Severity | minor |
| Priority | Normal |
| Version | unspecified |
| Hardware | All |
| OS | Linux |
| Reporter | John Helmert III <ajak> |
| Assignee | Gentoo Security <security> |
| CC | fordfrog, java |
| Flags | nattka: sanity-check+ |
| URL | https://bz.apache.org/bugzilla/show_bug.cgi?id=64563 |
| Whiteboard | B3 [noglsa cve cleanup] |
| Runtime testing required | --- |

Package list:

- =dev-java/tomcat-servlet-api-7.0.105 amd64 x86
- =dev-java/tomcat-servlet-api-8.5.57 amd64 ppc64 x86
- =dev-java/tomcat-servlet-api-9.0.37 amd64
- =www-servers/tomcat-7.0.105 amd64
- =www-servers/tomcat-8.5.57 amd64
Description
John Helmert III
2020-07-10 19:23:01 UTC
* CVE-2020-13934

  "Versions Affected:
  Apache Tomcat 10.0.0-M1 to 10.0.0-M6
  Apache Tomcat 9.0.0.M5 to 9.0.36
  Apache Tomcat 8.5.1 to 8.5.56

  Description:
  An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.

  Mitigation:
  - Upgrade to Apache Tomcat 10.0.0-M7 or later
  - Upgrade to Apache Tomcat 9.0.37 or later
  - Upgrade to Apache Tomcat 8.5.57 or later"

* CVE-2020-13935

  "Versions Affected:
  Apache Tomcat 10.0.0-M1 to 10.0.0-M6
  Apache Tomcat 9.0.0.M1 to 9.0.36
  Apache Tomcat 8.5.0 to 8.5.56
  Apache Tomcat 7.0.27 to 7.0.104

  Description:
  The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.

  Mitigation:
  - Upgrade to Apache Tomcat 10.0.0-M7 or later
  - Upgrade to Apache Tomcat 9.0.37 or later
  - Upgrade to Apache Tomcat 8.5.57 or later"

please stabilize

The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9ad6505d0f6be0dc01ae0e77136db16abda0b634

commit 9ad6505d0f6be0dc01ae0e77136db16abda0b634
Author: Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2020-07-14 16:38:28 +0000
Commit: Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2020-07-14 16:41:27 +0000

www-servers/tomcat: removed vulnerable 9.0.36

Bug: https://bugs.gentoo.org/732128
Package-Manager: Portage-2.3.103, Repoman-2.3.23
Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

www-servers/tomcat/Manifest | 3 -
.../tomcat/files/tomcat-9.0.27-build.xml.patch | 278 ---------------------
www-servers/tomcat/tomcat-9.0.36.ebuild | 181 --------------
3 files changed, 462 deletions(-)

ppc64 stable

x86 stable

amd64 stable. Maintainer(s), please cleanup. Security, please vote.

The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7801359547d4db9a10608c493b1d3ad00f86381c

commit 7801359547d4db9a10608c493b1d3ad00f86381c
Author: Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2020-07-20 08:39:51 +0000
Commit: Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2020-07-20 08:40:09 +0000

www-servers/tomcat: removed obsolete and vulnerable

Bug: https://bugs.gentoo.org/732128
Package-Manager: Portage-3.0.0, Repoman-2.3.23
Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

www-servers/tomcat/Manifest | 2 -
.../tomcat/files/tomcat-8.5.47-build.xml.patch | 259 ---------------------
www-servers/tomcat/tomcat-7.0.104.ebuild | 146 ------------
www-servers/tomcat/tomcat-8.5.56.ebuild | 158 -------------
4 files changed, 565 deletions(-)

noglsa. Closing, thanks everyone.
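The payload-length validation that CVE-2020-13935 above is about, shown as an added example rather than Tomcat's own code: a strict RFC 6455 frame-header parser that rejects truncated, non-minimal, high-bit-set, oversized and malformed-control-frame lengths before any read loop can use them. MAX_FRAME_PAYLOAD, FrameError and header_is_valid are this example's own names, and the specific invalid length Tomcat mishandled is not stated on the page.

```python
import struct

MAX_FRAME_PAYLOAD = 1 << 20  # constructed policy limit for this example: 1 MiB


class FrameError(ValueError):
    """Malformed frame header; the caller should fail the connection."""


def parse_frame_header(buf: bytes) -> tuple:
    """Parse an RFC 6455 frame header; return (opcode, payload_len, masked, header_len).
    Each length branch is checked before the value is trusted, so a crafted length
    can never become a negative or unbounded read count downstream."""
    if len(buf) < 2:
        raise FrameError("short header")
    b0, b1 = buf[0], buf[1]
    if b0 & 0x70:  # RSV1-3 must be zero unless an extension negotiated them
        raise FrameError("reserved bits set")
    fin, opcode = bool(b0 & 0x80), b0 & 0x0F
    masked, length = bool(b1 & 0x80), b1 & 0x7F
    pos = 2
    if length == 126:
        if len(buf) < pos + 2:
            raise FrameError("truncated 16-bit length")
        length = struct.unpack_from(">H", buf, pos)[0]
        pos += 2
        if length < 126:  # RFC 6455 requires the minimal encoding
            raise FrameError("non-minimal 16-bit length")
    elif length == 127:
        if len(buf) < pos + 8:
            raise FrameError("truncated 64-bit length")
        length = struct.unpack_from(">Q", buf, pos)[0]
        pos += 8
        if length >> 63:  # MSB must be 0; as a signed 64-bit value it would go negative
            raise FrameError("64-bit length with high bit set")
        if length < 1 << 16:
            raise FrameError("non-minimal 64-bit length")
    if opcode >= 0x8 and (length > 125 or not fin):
        raise FrameError("control frame too long or fragmented")
    if length > MAX_FRAME_PAYLOAD:
        raise FrameError("payload exceeds configured maximum")
    if masked:
        pos += 4  # 32-bit masking key follows the length field
    return opcode, length, masked, pos


def header_is_valid(buf: bytes) -> bool:
    try:
        parse_frame_header(buf)
        return True
    except FrameError:
        return False
```

A server that applies these checks closes the connection on a bad header instead of looping on a length it cannot satisfy.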