A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused by the request object not being recycled before the next request is processed when certain actions are logged. This can lead to e.g. the remote IP address and HTTP headers being carried forward to the next request and certain policies being bypassed.
The security issue is reported in versions 6.0.30 through 6.0.33.
Update to version 6.0.35 or later.
Provided and/or discovered by charlie in a bug report.
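The failure mode the advisory describes, as an added simulation written for this bug (not Tomcat source): a connector keeps one reusable request object per worker and must recycle it before the next request is parsed. The lazily resolved, cached remote address and the header map are modelled loosely on Tomcat's request object but simplified; the `is_trusted` policy, the class and function names and the two sample requests are all constructed for the example.

```python
"""Simulation of a connector that reuses one Request object per worker
and, on the vulnerable path, skips recycling it between requests.
Added example for this bug, not Tomcat source; all names are hypothetical."""


class Request:
    """Reusable request object, as a connector keeps one per worker thread."""

    def __init__(self):
        self.recycle()

    def recycle(self):
        """Clear all per-request state; must run before the next request is parsed."""
        self._socket_addr = None
        self._remote_addr = None   # lazily resolved and cached, see remote_addr
        self.headers = {}

    def bind(self, socket_addr, raw_headers):
        """Connector side: attach the new connection and parse its headers into the map."""
        self._socket_addr = socket_addr
        self.headers.update(raw_headers)   # appends; relies on recycle() having emptied the map

    @property
    def remote_addr(self):
        # Resolved from the socket on first use and cached; a stale cached value
        # survives into the next request when recycle() was skipped.
        if self._remote_addr is None:
            self._remote_addr = self._socket_addr
        return self._remote_addr


def is_trusted(req):
    """Stand-in for an address-based policy (allow list of internal networks)."""
    return req.remote_addr.startswith("10.")


# Constructed sample traffic: an internal client, then an external one on the same worker.
SAMPLE_REQUESTS = [
    ("10.0.0.5", {"Host": "app.internal", "Cookie": "JSESSIONID=abc123"}),
    ("203.0.113.9", {"Host": "app.internal"}),
]


def process(requests, recycle_between_requests):
    """Run the requests through one worker; return (remote_addr, headers, trusted) per request."""
    req = Request()
    seen = []
    for i, (addr, hdrs) in enumerate(requests):
        if i > 0 and recycle_between_requests:
            req.recycle()            # the fixed connector always does this
        req.bind(addr, hdrs)
        trusted = is_trusted(req)    # access log / policy reads remote_addr here
        seen.append((req.remote_addr, dict(req.headers), trusted))
    return seen


if __name__ == "__main__":
    for label, fixed in (("vulnerable", False), ("recycled", True)):
        for addr, hdrs, trusted in process(SAMPLE_REQUESTS, fixed):
            print("%-10s remote=%-12s trusted=%-5s headers=%s" % (label, addr, trusted, sorted(hdrs)))
```

On the vulnerable path the second request, which actually arrives from 203.0.113.9, is reported as coming from 10.0.0.5, passes the internal-only policy, and still carries the first client's Cookie header; with the recycle in place each request sees only its own data.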
We need to get the unaffected versions stable before we can go to [glsa?] ;)
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP
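A quick check against the affected ranges quoted above (6.0.30 through 6.0.33, 7.0.0 through 7.0.21), added here as an example and not part of the bug or of Gentoo's tooling. It parses the version out of a string such as the `Server version:` line printed by Tomcat's `catalina.sh version`; the sample output below is constructed, and the `6.0.32` it contains is just an illustrative value.

```python
"""Classify a Tomcat version against the affected ranges given in this bug.
Added example, not part of the bug report or of any Gentoo tool."""
import re

# Inclusive affected ranges from the advisory text: 6.0.30-6.0.33 and 7.x before 7.0.22.
AFFECTED_RANGES = (((6, 0, 30), (6, 0, 33)), ((7, 0, 0), (7, 0, 21)))

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from '6.0.32', '6.0.32.0' or 'Apache Tomcat/7.0.21'."""
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError("no x.y.z version in %r" % text)
    return tuple(int(g) for g in m.groups())


def is_affected(version_text):
    """True if the version in version_text falls inside one of the affected ranges."""
    v = parse_version(version_text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


# Constructed sample of `catalina.sh version` output; paths and build date are made up.
SAMPLE_VERSION_OUTPUT = """\
Using CATALINA_BASE:   /usr/share/tomcat-6
Using CATALINA_HOME:   /usr/share/tomcat-6
Server version: Apache Tomcat/6.0.32
Server built:   Feb 3 2011 05:52:33
Server number:  6.0.32.0
OS Name:        Linux
"""


def check_version_output(output):
    """Find the 'Server version:' line and return (version string, affected?)."""
    for line in output.splitlines():
        if line.startswith("Server version:"):
            v = parse_version(line)
            return "%d.%d.%d" % v, is_affected(line)
    raise ValueError("no 'Server version:' line found")


if __name__ == "__main__":
    version, affected = check_version_output(SAMPLE_VERSION_OUTPUT)
    print("Tomcat %s: %s" % (version, "AFFECTED, update" if affected else "not in affected range"))
```

Feed it the real output of `catalina.sh version` (or the `Server number:` line from a running instance) rather than the constructed sample; the check deliberately treats the range boundaries as inclusive, so 7.0.22 and 6.0.35 are reported as not affected while 7.0.21 and 6.0.33 are.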
Thanks, folks. GLSA Vote: yes.
GLSA vote: yes.
Added to existing GLSA request.
No affected version in the tree anymore.
This issue was resolved and addressed in GLSA 201206-24 at http://security.gentoo.org/glsa/glsa-201206-24.xml by GLSA coordinator Tobias Heinlein (keytoaster).