drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Apache Tomcat (Aktualisierung)
Name: |
Denial of Service in Apache Tomcat (Aktualisierung) |
|
ID: |
DSA-3787-2 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Mi, 22. Februar 2017, 21:08 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Apache Tomcat |
|
Update von: |
Denial of Service in Apache Tomcat |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3787-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : tomcat7
The update for tomcat7 issued as DSA-3787-1 caused that the server could return HTTP 400 errors under certain circumstances. Updated packages are now available to correct this issue. For reference, the original advisory text follows.
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop.
For the stable distribution (jessie), this problem has been fixed in version 7.0.56-3+deb8u9.
We recommend that you upgrade your tomcat7 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlituMFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0T4ORAAnj6MlryuaiMsuFZiQOCxwfZOeUypx3ls8PKdumLY9YnKLZIz5IS98cLn zvCCC5TqiGOOrAB7G4+jHMuX5rGhXSyCMHnR1EMtGsEaKP4AbjmbGn5E41SX3+hP TRFVIHY6mTwZa+J2fQ3I8KSqatd120edRxDUYkqF1bk9PSfqPa9jd+Z4jZrT4/9I WePo6YUppH9Oy+0rp9obIRYze3kr1VMUpH/qU9Flv9phgAx5rQK23gu9f8Bu7WSS ID8pNVxio5g86Ko2egJdlblcfoGRXA5J/GLWv8tyy22P593SjDUDQQsAmznlDLV0 EixfS9dwBdrUK5LImtH9wa02C2gcZQVXsW2TKlf8TXmw1XN0ODYZWVKJ39egRoYc pls3Cd0RPgWUsnMBFwerAa0BQs3hVKQwx6Dzh6eIQ3b7kuI3B9xefgKgDl/6d7O1 RP41aI/5CRzBrW3brCPdcPEesuZKrN/3HYDc6XRc6m1jduAz+SIQNbp7UyufK4JK pK5y94qET5yeFyCj8uaMr6IlXlX3A2dwTwXmCANe9emvhuXYu4HZG/4m0VeMikIH s6pB0b7gFpizk3KtAbqB2NNH7PhN2SJqNyuN+rqbwVHrm3tC+0yF69qQnxseRfcw 2/kWm2KuCls3GCMCx5Tcak45PDEO00dmNB5KW2MPGygom1h4xoo= =UFFy -----END PGP SIGNATURE-----
|
|
|
|