Parent Directory
| 
Revision Log
MGASA-2013-0191
| 1 | claire | 104 | type: security |
| 2 | subject: Updated tomcat7 packages fix CVE-2013-2071 | ||
| 3 | CVE: | ||
| 4 | - CVE-2013-2071 | ||
| 5 | src: | ||
| 6 | 2: | ||
| 7 | core: | ||
| 8 | - tomcat-7.0.41-3.mga2 | ||
| 9 | 3: | ||
| 10 | core: | ||
| 11 | - tomcat-7.0.41-4.mga3 | ||
| 12 | description: | | ||
| 13 | java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x | ||
| 14 | before 7.0.40 does not properly handle the throwing of a RuntimeException | ||
| 15 | in an AsyncListener in an application, which allows context-dependent | ||
| 16 | attackers to obtain sensitive request information intended for other | ||
| 17 | applications in opportunistic circumstances via an application that records | ||
| 18 | the requests that it processes (CVE-2013-2071). | ||
| 19 | references: | ||
| 20 | - http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40 | ||
| 21 | - http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105886.html | ||
| 22 | - https://bugs.mageia.org/show_bug.cgi?id=10200 | ||
| 23 | boklm | 119 | ID: MGASA-2013-0191 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |