A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused by the request object not being recycled before processing the next request when logging certain actions. This can lead to e.g. the remote IP address and HTTP headers being carried forward to the next request and certain policies being bypassed.

The security issue is reported in versions 6.0.30 through 6.0.33.

Solution:
Update to version 6.0.35 or later.

Provided and/or discovered by:
charlie in a bug report.

Original Advisory:
https://issues.apache.org/bugzilla/show_bug.cgi?id=51872
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201201.mbox/%3C4F155CDC.8050804%40apache.org%3E
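The following is an added illustration of the bug class described in the advisory above, not Tomcat's own code and not part of this bug report. It is a small Python model of a container that keeps one pooled request object per connection: the remote address is resolved lazily and cached, header parsing adds to the existing map, and an early-exit path that only logs a malformed request skips recycle(). The class names, the is_clean() invariant and the two sample peers (10.0.0.5 as an allow-listed internal address, 203.0.113.9 as an external one) are constructed for the example.

```python
from typing import Dict, FrozenSet, Iterable, List, Optional, Tuple

# Constructed sample peers: an internal address that an IP allow-list policy
# trusts and an external address that the policy must refuse.
TRUSTED_PEER = "10.0.0.5"
EXTERNAL_PEER = "203.0.113.9"


class Request:
    """Pooled request object (constructed model, not Tomcat's class).

    remote_addr is resolved lazily from the connection and then cached; only
    recycle() clears the cache and the header map.
    """

    def __init__(self) -> None:
        self._peer: Optional[str] = None
        self._remote_addr: Optional[str] = None
        self.headers: Dict[str, str] = {}

    def attach(self, peer: str, headers: Dict[str, str]) -> None:
        # Header parsing adds entries on top of whatever the object already holds.
        self._peer = peer
        self.headers.update(headers)

    @property
    def remote_addr(self) -> Optional[str]:
        if self._remote_addr is None:
            self._remote_addr = self._peer
        return self._remote_addr

    def recycle(self) -> None:
        self._peer = None
        self._remote_addr = None
        self.headers.clear()

    def is_clean(self) -> bool:
        """Invariant a regression test can check between two requests."""
        return self._peer is None and self._remote_addr is None and not self.headers


class ConnectionProcessor:
    """Serves consecutive requests on one connection with one pooled Request.

    With recycle_on_all_paths=False the early-exit path that merely logs a
    malformed request returns without recycle(), reproducing the defect.
    """

    def __init__(self, allow_list: Iterable[str], recycle_on_all_paths: bool) -> None:
        self.req = Request()
        self.allow_list: FrozenSet[str] = frozenset(allow_list)
        self.recycle_on_all_paths = recycle_on_all_paths
        self.access_log: List[str] = []

    def handle(self, peer: str, headers: Dict[str, str], malformed: bool = False) -> str:
        req = self.req
        req.attach(peer, headers)
        if malformed:
            # Access logging of the rejected request; the buggy variant bails out
            # here without recycling the pooled object.
            self.access_log.append(f"400 {req.remote_addr} {sorted(req.headers)}")
            if self.recycle_on_all_paths:
                req.recycle()
            return "400"
        # Address-based policy: only allow-listed peers get through.
        status = "200" if req.remote_addr in self.allow_list else "403"
        self.access_log.append(f"{status} {req.remote_addr} {sorted(req.headers)}")
        req.recycle()
        return status


def run_scenario(recycle_on_all_paths: bool) -> Tuple[List[str], List[str], bool]:
    """Trusted peer sends a malformed request, then an external peer sends a
    well-formed one through the same processor.

    Returns (status codes, access log, whether the pooled object was clean
    before the second request was attached).
    """
    proc = ConnectionProcessor([TRUSTED_PEER], recycle_on_all_paths)
    statuses = [proc.handle(TRUSTED_PEER, {"X-Internal-Token": "abc"}, malformed=True)]
    clean_between = proc.req.is_clean()
    statuses.append(proc.handle(EXTERNAL_PEER, {"Host": "example.test"}))
    return statuses, proc.access_log, clean_between


if __name__ == "__main__":
    for fixed in (False, True):
        statuses, log, clean = run_scenario(fixed)
        print("recycle on all paths:", fixed, "statuses:", statuses, "clean between:", clean)
        for line in log:
            print("  ", line)
```

With recycling skipped on the logging path, the second request is evaluated against the cached address 10.0.0.5 and receives 200 while its headers also contain X-Internal-Token from the earlier connection; with recycle() on every exit path it is correctly refused with 403. The practical fix is to place recycle() in a finally block so no early return can skip it, and the is_clean() check is the kind of invariant a unit test should assert after each request.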
We need to get the unaffected versions stable before we can go to [glsa?] ;)
CVE-2011-3375 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3375): Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
Thanks, folks. GLSA Vote: yes.
GLSA vote: yes. Added to existing GLSA request.
No affected version in the tree anymore.
This issue was resolved and addressed in GLSA 201206-24 at http://security.gentoo.org/glsa/glsa-201206-24.xml by GLSA coordinator Tobias Heinlein (keytoaster).