This update includes a rebase from 8.5.30 up to 8.5.32 which resolves two CVEs along with various other bugs/features:
Please login to add feedback.
|submitted||a year ago|
|in testing||a year ago|
|in stable||a year ago|
|0||0||#1579612 CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins [fedora-all]|
|0||0||#1607584 CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up [fedora-all]|
|0||0||#1607586 CVE-2018-8034 tomcat: host name verification missing in WebSocket client [fedora-all]|