FEDORA-2020-c870aa8378 created by csutherl 2 years ago for Fedora 30
stable

This update includes a rebase from 9.0.30 up to 9.0.31 which resolves one CVE along with various other bugs/features:

  • #1806805 CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
  • #1801729 tomcat-9.0.31 is available

WARNING - This update does not enforce the change in defaults for the AJP Connector like the upstream fix does. This is done to prevent breakage of current installations, but it is highly advised to review your AJP Connector configuration to ensure that it is only accessible by your proxy! For more information see the Tomcat Security Page and the Tomcat Security Considerations Document.

How to install

sudo dnf upgrade --advisory=FEDORA-2020-c870aa8378

This update has been submitted for testing by csutherl.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon adamwill commented & provided feedback 2 years ago
karma

Same as F31 update, this breaks the openQA FreeIPA tests - see links on Automated Tests tab. Logs available in 'Logs & Assets' tab of the failed tests. Didn't look into the cause myself yet, but it definitely broke something. @ab

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

2 years ago

csutherl edited this update.

New build(s):

  • tomcat-9.0.31-2.fc30

Removed build(s):

  • tomcat-9.0.31-1.fc30

Karma has been reset.

2 years ago

This update has been submitted for testing by csutherl.

2 years ago

csutherl edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

This update can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by csutherl.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago

Automated Test Results