logo
DATABASE RESOURCES PRICING ABOUT US

Important: tomcat8

Description

**Issue Overview:** CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener **Affected Packages:** tomcat8 **Issue Correction:** Run _yum update tomcat8_ to update your system. **New Packages:** noarch:     tomcat8-el-3.0-api-8.0.39-1.67.amzn1.noarch     tomcat8-docs-webapp-8.0.39-1.67.amzn1.noarch     tomcat8-admin-webapps-8.0.39-1.67.amzn1.noarch     tomcat8-javadoc-8.0.39-1.67.amzn1.noarch     tomcat8-8.0.39-1.67.amzn1.noarch     tomcat8-servlet-3.1-api-8.0.39-1.67.amzn1.noarch     tomcat8-webapps-8.0.39-1.67.amzn1.noarch     tomcat8-log4j-8.0.39-1.67.amzn1.noarch     tomcat8-lib-8.0.39-1.67.amzn1.noarch     tomcat8-jsp-2.3-api-8.0.39-1.67.amzn1.noarch src:     tomcat8-8.0.39-1.67.amzn1.src ### Additional References Red Hat: [CVE-2016-6816](<https://access.redhat.com/security/cve/CVE-2016-6816>), [CVE-2016-8735](<https://access.redhat.com/security/cve/CVE-2016-8735>) Mitre: [CVE-2016-6816](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816>), [CVE-2016-8735](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 tomcat8-el-3.0-api 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-docs-webapp 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-admin-webapps 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-javadoc 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-servlet-3.1-api 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-webapps 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-log4j 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-lib 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8-jsp-2.3-api 8.0.39-1.67.amzn1
Amazon Linux 1 tomcat8 8.0.39-1.67.amzn1

Related