Issued at: 2024-02-12
Updated at: 2024-02-12
Synopsis
Important: tomcat security update
Description
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* tomcat: HTTP request smuggling via malformed trailer headers (CVE-2023-46589)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Rocky Linux 8 x86_64
Fixes
2252050
CVEs
CVE-2023-46589
Affected packages
Rocky Linux 8 x86_64 - AppStream
tomcat-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-1:9.0.62-27.el8_9.3.src.rpm
tomcat-admin-webapps-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-docs-webapp-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-el-3.0-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-jsp-2.3-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-lib-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-servlet-4.0-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-webapps-1:9.0.62-27.el8_9.3.noarch.rpm
Rocky Linux 8 aarch64 - AppStream
tomcat-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-1:9.0.62-27.el8_9.3.src.rpm
tomcat-admin-webapps-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-docs-webapp-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-el-3.0-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-jsp-2.3-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-lib-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-servlet-4.0-api-1:9.0.62-27.el8_9.3.noarch.rpm
tomcat-webapps-1:9.0.62-27.el8_9.3.noarch.rpm