Tomcat vulnerability

2016-09-19T00:00:00
ID USN-3081-1
Type ubuntu
Reporter Ubuntu
Modified 2016-09-19T00:00:00

Description

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. (CVE-2016-1240)

This update also reverts a change in behaviour introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.