Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.21635
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.21635
<patchinfo incident="21635"> <issue tracker="cve" id="2021-41079"/> <issue tracker="cve" id="2021-30640"/> <issue tracker="cve" id="2021-33037"/> <issue tracker="bnc" id="1188279">VUL-0: CVE-2021-30640: tomcat6,tomcat: vulnerability in the JNDI Realm allows authentication using variations of a valid user name</issue> <issue tracker="bnc" id="1188278">VUL-0: CVE-2021-33037: tomcat6,tomcat: HTTP transfer-encoding request header not correctly parsed leading to possible request smuggling</issue> <issue tracker="bnc" id="1190558">VUL-0: CVE-2021-41079: tomcat: Apache Tomcat DoS with unexpected TLS packet</issue> <packager>mbussolotto</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for tomcat</summary> <description>This update for tomcat fixes the following issues: - CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279). - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278). - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet (bsc#1190558). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor