tomcat 보안 업데이트
업데이트 : 2018.10.20
이름 : tomcat-10:8.5.34-1.an3
벤더 : AnNyung Packaging Team
설명 :
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.
Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.
변경사항
- udpate 8.5.34 (plus repository)
see also http://apache.mirror.cdnetworks.com/tomcat/tomcat-8/v8.5.34/RELEASE-NOTES
see also http://apache.mirror.cdnetworks.com/tomcat/tomcat-8/v8.5.33/RELEASE-NOTES
- security issues
. CVE-2018-8014 Low: CORS filter has insecure defaults
. CVE-2018-8034 Low: host name verification missing in WebSocket client
. CVE-2018-8037 Important: Information Disclosure
. CVE-2018-11784 Moderate: Open Redirect
업데이트 패키지
SRPMS:
. tomcat-8.5.34-1.an3.src.rpm
noarch:
. tomcat-8.5.34-1.an3.noarch.rpm
. tomcat-admin-webapps-8.5.34-1.an3.noarch.rpm
. tomcat-docs-webapp-8.5.34-1.an3.noarch.rpm
. tomcat-el-3.0-api-8.5.34-1.an3.noarch.rpm
. tomcat-javadoc-8.5.34-1.an3.noarch.rpm
. tomcat-jsp-2.3-api-8.5.34-1.an3.noarch.rpm
. tomcat-jsvc-8.5.34-1.an3.noarch.rpm
. tomcat-lib-8.5.34-1.an3.noarch.rpm
. tomcat-servlet-3.1-api-8.5.34-1.an3.noarch.rpm
. tomcat-webapps-8.5.34-1.an3.noarch.rpm
|