logo
DATABASE RESOURCES PRICING ABOUT US

tomcat7 - security update

Description

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrites, and potentially escalation of privileges. For the stable distribution (jessie), these problems have been fixed in version 7.0.56-3+deb8u5. We recommend that you upgrade your tomcat7 packages.


Affected Software


CPE Name Name Version
tomcat7 7.0.56-3+deb8u4
tomcat7 7.0.56-3+deb8u3
tomcat7 7.0.56-3+deb8u1
tomcat7 7.0.56-3
tomcat7 7.0.56-3+deb8u2

Related