[SECURITY] [DSA 3614-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3614-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 02, 2016 https://www.debian.org/security/faq -...

Medium: tomcat7

Issue Overview: MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted Content-Type header that bypasses a loop's intended exit...