FEDORA-2016-0a4dccdd23 created by csutherl 3 years ago for Fedora 23
stable

This updates includes a rebase from tomcat 8.0.32 up to 8.0.36 to resolve:

  • #1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service

and also includes the following bug fixes:

  • #1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded
  • #1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out
  • #1347835 The security manager doesn't work correctly (JSPs cannot be compiled)
  • #1347864 The systemd service unit does not allow tomcat to shut down gracefully
  • #1357428 Tomcat 8.0.32 breaks deploy for candlepin.
  • #1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api
  • #1363884 The tomcat-tool-wrapper script is broken
  • #1364056 The command tomcat-digest doesn't work

How to install

sudo dnf upgrade --advisory=FEDORA-2016-0a4dccdd23
This update has been submitted for testing by csutherl. 3 years ago
csutherl edited this update. 3 years ago
This update has been pushed to testing. 3 years ago
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes 3 years ago
This update has been submitted for stable by csutherl. 3 years ago
This update has been pushed to stable. 3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1341850 tomcat-jsvc.service has TOMCAT_USER value hard-coded
0
0
BZ#1341853 rpm -V tomcat fails on /var/log/tomcat/catalina.out
0
0
BZ#1347835 The security manager doesn't work correctly (JSPs cannot be compiled)
0
0
BZ#1347864 The systemd service unit does not allow tomcat to shut down gracefully
0
0
BZ#1349468 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service
0
0
BZ#1349469 CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service [fedora-all]
0
0
BZ#1357428 Tomcat 8.0.32 breaks deploy for candlepin.
0
0
BZ#1359737 Missing maven depmap for the following artifacts: org.apache.tomcat:tomcat-websocket, org.apache.tomcat:tomcat-websocket-api
0
0
BZ#1363884 The tomcat-tool-wrapper script is broken
0
0
BZ#1364056 The command tomcat-digest doesn't work
0
0

Automated Test Results