USN-3027-1: Tomcat vulnerability
6 July 2016
Tomcat could be made to hang if it received specially crafted network traffic.
Releases
Packages
- tomcat8 - Servlet and JSP engine
Details
It was discovered that the Tomcat Fileupload library incorrectly handled
certain upload requests. A remote attacker could possibly use this issue to
cause a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-3024-1: libtomcat7-java, tomcat7-user, tomcat7-examples, libtomcat6-java, tomcat7-docs, tomcat7-admin, libservlet3.0-java, tomcat7, tomcat7-common, tomcat6, libservlet3.0-java-doc