logo
DATABASE RESOURCES PRICING ABOUT US

Important: tomcat7

Description

**Issue Overview:** CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener **Affected Packages:** tomcat7 **Issue Correction:** Run _yum update tomcat7_ to update your system. **New Packages:** noarch:     tomcat7-7.0.73-1.23.amzn1.noarch     tomcat7-jsp-2.2-api-7.0.73-1.23.amzn1.noarch     tomcat7-lib-7.0.73-1.23.amzn1.noarch     tomcat7-webapps-7.0.73-1.23.amzn1.noarch     tomcat7-docs-webapp-7.0.73-1.23.amzn1.noarch     tomcat7-el-2.2-api-7.0.73-1.23.amzn1.noarch     tomcat7-log4j-7.0.73-1.23.amzn1.noarch     tomcat7-admin-webapps-7.0.73-1.23.amzn1.noarch     tomcat7-javadoc-7.0.73-1.23.amzn1.noarch     tomcat7-servlet-3.0-api-7.0.73-1.23.amzn1.noarch src:     tomcat7-7.0.73-1.23.amzn1.src ### Additional References Red Hat: [CVE-2016-6816](<https://access.redhat.com/security/cve/CVE-2016-6816>), [CVE-2016-8735](<https://access.redhat.com/security/cve/CVE-2016-8735>) Mitre: [CVE-2016-6816](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816>), [CVE-2016-8735](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 tomcat7 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-jsp-2.2-api 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-lib 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-webapps 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-docs-webapp 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-el-2.2-api 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-log4j 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-admin-webapps 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-javadoc 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7-servlet-3.0-api 7.0.73-1.23.amzn1
Amazon Linux 1 tomcat7 7.0.73-1.23.amzn1

Related