Apache Tomcat was updated to 7.0.82 adding features, fixing bugs and
security issues.
This is another bugfix release, for full details see:
<a href="https://tomcat.apache.org/tomcat-7.0-doc/changelog.html">https://tomcat.apache.org/tomcat-7.0-doc/changelog.html</a>
Fixed security issues:
- CVE-2017-5664: A problem in handling error pages was fixed, to avoid
potential file overwrites during error page handling. (bsc#1042910).
- CVE-2017-7674: A CORS Filter issue could lead to client and server side
cache poisoning (bsc#1053352)
- CVE-2017-12617: A remote code execution possibility via JSP Upload was
fixed (bsc#1059554)
- CVE-2017-12616: An information disclosure when using VirtualDirContext
was fixed (bsc#1059551)
- CVE-2017-12615: A Remote Code Execution via JSP Upload was fixed
(bsc#1059554)
Non-security issues fixed:
- Fix tomcat-digest classpath error (bsc#977410)