CVE-2023-28709: The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.
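The following Python model is an added illustration of the arithmetic the CVE text describes; it is not Tomcat's code and not part of this bug report. The fix for CVE-2023-24998 pays for multipart parts out of the connector's maxParameterCount budget, after subtracting the parameters already parsed from the query string. The model assumes (as an assumption, not a quotation of Tomcat source) that the incomplete fix tested the remaining budget with "> 0" and so treated a remaining budget of exactly 0 as "limit disabled", which is the bypass described above. The -1 sentinel, the query strings and the multipart bodies are all constructed here.

```python
"""Model of the CVE-2023-28709 part-limit bypass (constructed illustration).

Assumption: the remaining part budget is maxParameterCount minus the number of
query-string parameters, and the flawed version treats a remaining budget of 0
as "no limit" because it checks "budget > 0". Not Tomcat's actual source.
"""
from urllib.parse import parse_qsl

UNLIMITED = -1  # sentinel for "limit disabled" (assumption mirroring a -1 setting)


class TooManyParameters(Exception):
    pass


class TooManyParts(Exception):
    pass


def count_query_params(query: str, max_parameter_count: int) -> int:
    """Parse the query string and enforce maxParameterCount on it.

    Exactly maxParameterCount parameters is allowed; only the (N+1)th rejects.
    """
    params = parse_qsl(query, keep_blank_values=True)
    if max_parameter_count != UNLIMITED and len(params) > max_parameter_count:
        raise TooManyParameters(len(params))
    return len(params)


def part_budget_vulnerable(max_parameter_count: int, query_param_count: int) -> int:
    """Flawed budget: a remaining budget of 0 falls through as UNLIMITED."""
    remaining = max_parameter_count - query_param_count
    if remaining > 0:
        return remaining
    return UNLIMITED  # 0 (exactly at the limit) and "disabled" are conflated


def part_budget_fixed(max_parameter_count: int, query_param_count: int) -> int:
    """Corrected budget: only an explicitly disabled limit is unlimited."""
    if max_parameter_count == UNLIMITED:
        return UNLIMITED
    return max(max_parameter_count - query_param_count, 0)


def parse_multipart(body: bytes, boundary: bytes, file_count_max: int) -> int:
    """Count parts in a multipart/form-data body, enforcing file_count_max.

    A minimal splitter on the delimiter line; enough to show the limit check.
    """
    delimiter = b"--" + boundary
    parts = 0
    for chunk in body.split(delimiter)[1:]:
        if chunk.startswith(b"--"):  # closing delimiter "--boundary--"
            break
        if file_count_max != UNLIMITED and parts >= file_count_max:
            raise TooManyParts(parts + 1)
        parts += 1
    return parts


def handle_request(query: str, body: bytes, boundary: bytes,
                   max_parameter_count: int, budget_fn) -> int:
    """Query parameters are parsed first, then parts against the remaining budget."""
    qcount = count_query_params(query, max_parameter_count)
    return parse_multipart(body, boundary, budget_fn(max_parameter_count, qcount))


def build_body(boundary: bytes, n_parts: int) -> bytes:
    """Constructed multipart body with n_parts small parts."""
    out = bytearray()
    for i in range(n_parts):
        out += b"--" + boundary + b"\r\n"
        out += b'Content-Disposition: form-data; name="f%d"\r\n\r\nx\r\n' % i
    out += b"--" + boundary + b"--\r\n"
    return bytes(out)


if __name__ == "__main__":
    boundary = b"XXcveXX"
    limit = 5  # constructed small maxParameterCount; Tomcat's default is 10000
    exact = "a=1&b=2&c=3&d=4&e=5"  # exactly maxParameterCount query parameters
    flood = build_body(boundary, 1000)
    print("vulnerable accepted parts:",
          handle_request(exact, flood, boundary, limit, part_budget_vulnerable))
    try:
        handle_request(exact, flood, boundary, limit, part_budget_fixed)
    except TooManyParts as e:
        print("fixed rejected at part", e)
```

The condition in the advisory ("non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters") corresponds here to choosing a limit small enough that a query string can carry exactly that many parameters; with one parameter short of the limit both versions enforce the part count, which is why the original fix looked complete.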
GLSA request filed.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/data/glsa.git/commit/?id=a8b85191c046076a4e4d12c8541d49e1473aaa66

commit a8b85191c046076a4e4d12c8541d49e1473aaa66
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-05-30 03:03:08 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-05-30 03:05:04 +0000

    [ GLSA 202305-37 ] Apache Tomcat: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/878911
    Bug: https://bugs.gentoo.org/889596
    Bug: https://bugs.gentoo.org/896370
    Bug: https://bugs.gentoo.org/907387
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202305-37.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
GLSA released, all done!
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/data/glsa.git/commit/?id=023c3018165ffad6f1f6a874561e1c3c555cb505

commit 023c3018165ffad6f1f6a874561e1c3c555cb505
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2023-05-31 02:20:03 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-05-31 02:20:25 +0000

    [ GLSA 202305-37 ] fix versions, add other slots

    Bug: https://bugs.gentoo.org/878911
    Bug: https://bugs.gentoo.org/889596
    Bug: https://bugs.gentoo.org/896370
    Bug: https://bugs.gentoo.org/907387
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202305-37.xml | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)