Lucene search

K
oraclelinuxOracleLinuxELSA-2024-3307
HistoryMay 23, 2024 - 12:00 a.m.

tomcat security and bug fix update

2024-05-2300:00:00
linux.oracle.com
6
tomcat 9.0.87-1
security update
websocket dos
http/2 header handling
cves

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

[1:9.0.87-1.el9_4.1]

  • Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87
  • Resolves: RHEL-31048
    tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)
  • Resolves: RHEL-31032
    tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)
  • Resolves: RHEL-35328 - Amend tomcat’s changelog
    (CVE-2023-46589, CVE-2023-45648, CVE-2023-42795, CVE-2023-42794, CVE-2023-44487, CVE-2023-41080)