Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
Vulnerability Intelligence
SUSE-SU-2017:1382-1
SUSE-SU-2017:1382-1
UNKNOWN
Security update for tomcat
Published May 23, 2017
Modified 8 years ago
Fix available
Details
This update for tomcat fixes the following issues:
CVE-2017-5647 Pipelined requests could lead to information disclosure (bsc#1033448)
CVE-2017-5648 Untrusted application could retain listener leading to information disclosure (bsc#1033447)
CVE-2016-8745 shared Processor on Connector code could lead to information disclosure (bsc#1015119)
Affected Packages
tomcat
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-admin-webapps
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-docs-webapp
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-el-3_0-api
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-javadoc
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-jsp-2_3-api
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-lib
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-servlet-3_1-api
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
tomcat-webapps
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Fixed in:
8.0.43-10.19.1
References
REPORT
https://bugzilla.suse.com/1015119
REPORT
https://bugzilla.suse.com/1033447
REPORT
https://bugzilla.suse.com/1033448
WEB
https://www.suse.com/security/cve/CVE-2016-8745
WEB
https://www.suse.com/security/cve/CVE-2017-5647
WEB
https://www.suse.com/security/cve/CVE-2017-5648
ADVISORY
https://www.suse.com/support/update/announcement/2017/suse-su-20171382-1/
Upstream
CVE-2016-8745
CVE-2017-5647
CVE-2017-5648
Related
CVE-2016-8745
CVE-2017-5647
CVE-2017-5648
Ecosystems
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Timeline
Published
May 23, 2017
Modified
May 23, 2017
SUSE-SU-2017:1382-1 | Mondoo Vulnerability Intelligence