Bugs fixes in "tomcat9"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| Launchpad | 1903851 | Tomcat9: multipart upload fails over https | 2022-12-14 |
| Launchpad | 1903851 | Tomcat9: multipart upload fails over https | 2022-12-02 |
| Launchpad | 1964881 | Logging/Log rotation does not work for catalina.out | 2022-08-17 |
| Launchpad | 1964881 | Logging/Log rotation does not work for catalina.out | 2022-08-11 |
| Launchpad | 1964881 | Logging/Log rotation does not work for catalina.out | 2022-07-26 |
| Launchpad | 1964881 | Logging/Log rotation does not work for catalina.out | 2022-07-26 |
| CVE | CVE-2020-13943 | If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of c | 2022-03-31 |
| CVE | CVE-2020-17527 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTT | 2022-03-31 |
| CVE | CVE-2021-25122 | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate re | 2022-03-31 |
| CVE | CVE-2020-9494 | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the | 2022-03-31 |
| CVE | CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to contr | 2022-03-31 |
| CVE | CVE-2021-25329 | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with | 2022-03-31 |
| CVE | CVE-2021-33037 | Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some c | 2022-03-31 |
| CVE | CVE-2021-30640 | A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of | 2022-03-31 |
| CVE | CVE-2021-41079 | Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured | 2022-03-31 |
| CVE | CVE-2020-13943 | If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of c | 2022-03-31 |
| CVE | CVE-2020-17527 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTT | 2022-03-31 |
| CVE | CVE-2021-25122 | When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate re | 2022-03-31 |
| CVE | CVE-2020-9494 | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the | 2022-03-31 |
| CVE | CVE-2021-25329 | The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with | 2022-03-31 |
About
-
Send Feedback to @ubuntu_updates
