logo
DATABASE RESOURCES PRICING ABOUT US

tomcat8 - security update

Description

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrites, and potentially escalation of privileges. For the stable distribution (jessie), these problems have been fixed in version 8.0.14-1+deb8u4. We recommend that you upgrade your tomcat8 packages.


Affected Software


CPE Name Name Version
tomcat8 8.0.14-1+deb8u3
tomcat8 8.0.14-1+deb8u2
tomcat8 8.0.14-1+deb8u1
tomcat8 8.0.14-1

Related