tomcat 보안 업데이트
업데이트 : 2018.07.28
이름 : tomcat-0:7.0.90-1.an2
벤더 : AnNyung Packaging Team
Tomcat is the servlet container that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.
Tomcat is developed in an open and participatory environment and
released under the Apache Software License. Tomcat is intended to be
a collaboration of the best-of-breed developers from around the world.
We invite you to participate in this open development project.
- update 7.0.90
- security issues
. CVE-2018-8034 Low: host name verification missing in WebSocket client
. CVE-2018-8014 Low: CORS filter has insecure defaults
. CVE-2018-1305 Important: A bug in the UTF-8 decoder can lead to DoS