java-sig-commits June 2020

java-sig-commits@lists.fedoraproject.org

1 participants
386 discussions

[Bug 1797062] New: CVE-2020-2103 jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page
by bugzilla＠redhat.com 27 Oct '21

27 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1797062 Bug ID: 1797062 Summary: CVE-2020-2103 jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: psampaio(a)redhat.com CC: abenaiss(a)redhat.com, adam.kaplan(a)redhat.com, aos-bugs(a)redhat.com, bmontgom(a)redhat.com, eparis(a)redhat.com, extras-orphan(a)fedoraproject.org, java-sig-commits(a)lists.fedoraproject.org, jburrell(a)redhat.com, jokerman(a)redhat.com, mizdebsk(a)redhat.com, msrb(a)redhat.com, nstielau(a)redhat.com, pbhattac(a)redhat.com, sponnaga(a)redhat.com, vbobade(a)redhat.com, wzheng(a)redhat.com Target Milestone: --- Classification: Other Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page. References: https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1695 https://www.openwall.com/lists/oss-security/2020/01/29/1 -- You are receiving this mail because: You are on the CC list for the bug.

1 12

[Bug 1767483] New: CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default
by bugzilla＠redhat.com 14 Oct '21

14 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1767483 Bug ID: 1767483 Summary: CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: bkearney(a)redhat.com, dblechte(a)redhat.com, decathorpe(a)gmail.com, dfediuck(a)redhat.com, eedri(a)redhat.com, fnasser(a)redhat.com, hhorak(a)redhat.com, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jorton(a)redhat.com, mgoldboi(a)redhat.com, mhroncok(a)redhat.com, michal.skrivanek(a)redhat.com, mizdebsk(a)redhat.com, omajid(a)redhat.com, qe-baseos-apps(a)redhat.com, sbonazzo(a)redhat.com, sgehwolf(a)redhat.com, sherold(a)redhat.com, SpikeFedora(a)gmail.com, stewardship-sig(a)lists.fedoraproject.org, tlestach(a)redhat.com, yturgema(a)redhat.com Target Milestone: --- Classification: Other In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean. Reference: http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC62879… -- You are receiving this mail because: You are on the CC list for the bug.

1 70

[Bug 1799475] New: CVE-2020-5398 springframework: RFD attack via Content-Disposition Header sourced from request input by Spring MVC or Spring WebFlux Application
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1799475 Bug ID: 1799475 Summary: CVE-2020-5398 springframework: RFD attack via Content-Disposition Header sourced from request input by Spring MVC or Spring WebFlux Application Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, chazlett(a)redhat.com, dblechte(a)redhat.com, dfediuck(a)redhat.com, dingyichen(a)gmail.com, drieden(a)redhat.com, eedri(a)redhat.com, esammons(a)redhat.com, etirelli(a)redhat.com, extras-orphan(a)fedoraproject.org, ggaughan(a)redhat.com, gvarsami(a)redhat.com, hvyas(a)redhat.com, ibek(a)redhat.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jcoleman(a)redhat.com, jochrist(a)redhat.com, jolee(a)redhat.com, jross(a)redhat.com, jschatte(a)redhat.com, jstastny(a)redhat.com, jwon(a)redhat.com, kconner(a)redhat.com, krathod(a)redhat.com, kverlaen(a)redhat.com, ldimaggi(a)redhat.com, lef(a)fedoraproject.org, mcressma(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mnovotny(a)redhat.com, nwallace(a)redhat.com, paradhya(a)redhat.com, pjindal(a)redhat.com, puebele(a)redhat.com, puntogil(a)libero.it, rrajasek(a)redhat.com, rsynek(a)redhat.com, rwagner(a)redhat.com, sbonazzo(a)redhat.com, sdaley(a)redhat.com, sherold(a)redhat.com, sisharma(a)redhat.com, tcunning(a)redhat.com, tkirby(a)redhat.com, vbellur(a)redhat.com, vhalbert(a)redhat.com, yturgema(a)redhat.com Target Milestone: --- Classification: Other In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. Reference: https://pivotal.io/security/cve-2020-5398 -- You are receiving this mail because: You are on the CC list for the bug.

1 17

[Bug 1785699] New: CVE-2019-12418 tomcat: local privilege escalation
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1785699 Bug ID: 1785699 Summary: CVE-2019-12418 tomcat: local privilege escalation Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, chazlett(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, drieden(a)redhat.com, etirelli(a)redhat.com, extras-orphan(a)fedoraproject.org, ggaughan(a)redhat.com, gzaronik(a)redhat.com, ibek(a)redhat.com, ivan.afonichev(a)gmail.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jclere(a)redhat.com, jochrist(a)redhat.com, jstastny(a)redhat.com, jwon(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, lgao(a)redhat.com, mbabacek(a)redhat.com, mnovotny(a)redhat.com, myarboro(a)redhat.com, paradhya(a)redhat.com, pjindal(a)redhat.com, rhcs-maint(a)redhat.com, rrajasek(a)redhat.com, rsynek(a)redhat.com, sdaley(a)redhat.com, weli(a)redhat.com Target Milestone: --- Classification: Other When Tomcat is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. Reference: https://tomcat.apache.org/security-7.html https://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html Upstream commits: https://github.com/apache/tomcat/commit/bef3f40 https://github.com/apache/tomcat/commit/a91d7db https://github.com/apache/tomcat/commit/1fc9f58 -- You are receiving this mail because: You are on the CC list for the bug.

1 32

[Bug 1851420] New: CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1851420 Bug ID: 1851420 Summary: CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: aboyko(a)redhat.com, aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, asoldano(a)redhat.com, atangrin(a)redhat.com, avibelli(a)redhat.com, bbaranow(a)redhat.com, bgeorges(a)redhat.com, bmaxwell(a)redhat.com, brian.stansberry(a)redhat.com, cdewolf(a)redhat.com, chazlett(a)redhat.com, cmoulliard(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, darran.lofthouse(a)redhat.com, dbecker(a)redhat.com, dkreling(a)redhat.com, dosoudil(a)redhat.com, drieden(a)redhat.com, etirelli(a)redhat.com, ggaughan(a)redhat.com, gmalinko(a)redhat.com, gzaronik(a)redhat.com, hhorak(a)redhat.com, huwang(a)redhat.com, ibek(a)redhat.com, ikanello(a)redhat.com, ivan.afonichev(a)gmail.com, iweiss(a)redhat.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jawilson(a)redhat.com, jbalunas(a)redhat.com, jclere(a)redhat.com, jjoyce(a)redhat.com, jochrist(a)redhat.com, jolee(a)redhat.com, jorton(a)redhat.com, jpallich(a)redhat.com, jperkins(a)redhat.com, jschatte(a)redhat.com, jschluet(a)redhat.com, jstastny(a)redhat.com, jwon(a)redhat.com, kbasil(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, kwills(a)redhat.com, lgao(a)redhat.com, lhh(a)redhat.com, lpeer(a)redhat.com, lthon(a)redhat.com, mbabacek(a)redhat.com, mburns(a)redhat.com, mizdebsk(a)redhat.com, mkolesni(a)redhat.com, mnovotny(a)redhat.com, msochure(a)redhat.com, msvehla(a)redhat.com, mszynkie(a)redhat.com, myarboro(a)redhat.com, nwallace(a)redhat.com, paradhya(a)redhat.com, pgallagh(a)redhat.com, pjindal(a)redhat.com, pmackay(a)redhat.com, psotirop(a)redhat.com, rguimara(a)redhat.com, rhcs-maint(a)redhat.com, rrajasek(a)redhat.com, rruss(a)redhat.com, rstancel(a)redhat.com, rsvoboda(a)redhat.com, rsynek(a)redhat.com, sclewis(a)redhat.com, scohen(a)redhat.com, sdaley(a)redhat.com, slinaber(a)redhat.com, smaestri(a)redhat.com, tom.jenkinson(a)redhat.com, vhalbert(a)redhat.com, weli(a)redhat.com Target Milestone: --- Classification: Other A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. Reference: https://tomcat.apache.org/security-8.html -- You are receiving this mail because: You are on the CC list for the bug.

1 23

[Bug 1764640] New: CVE-2019-12402 apache-commons-compress: Infinite loop in name encoding algorithm
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1764640 Bug ID: 1764640 Summary: CVE-2019-12402 apache-commons-compress: Infinite loop in name encoding algorithm Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: psampaio(a)redhat.com CC: dblechte(a)redhat.com, decathorpe(a)gmail.com, dfediuck(a)redhat.com, eedri(a)redhat.com, hhorak(a)redhat.com, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jjelen(a)redhat.com, jorton(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mizdebsk(a)redhat.com, mkoncek(a)redhat.com, sbonazzo(a)redhat.com, sherold(a)redhat.com, SpikeFedora(a)gmail.com, stewardship-sig(a)lists.fedoraproject.org, yturgema(a)redhat.com Target Milestone: --- Classification: Other The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress. References: https://lists.apache.org/thread.html/308cc15f1f1dc53e97046fddbac240e6cd16de… https://lists.apache.org/thread.html/54cc4e9fa6b24520135f6fa4724dfb3465bc14… https://bugzilla.redhat.com/show_bug.cgi?id=1761797 -- You are receiving this mail because: You are on the CC list for the bug.

1 26

[Bug 1723708] New: CVE-2019-10072 tomcat: denial of service on vulnerable installation
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1723708 Bug ID: 1723708 Summary: CVE-2019-10072 tomcat: denial of service on vulnerable installation Product: Security Response Hardware: All OS: Linux Status: NEW Whiteboard: impact=moderate,public=20190621,reported=20190625,sour ce=internet,cvss3=5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U /C:N/I:N/A:L,cwe=CWE-400,bpms-6/tomcat=new,brms-6/tomc at=new,epel-all/tomcat=affected,fedora-all/tomcat=affe cted,fuse-6/tomcat=affected,fuse-7/tomcat=affected,jdg -7/tomcat=affected,jws-5/tomcat=affected,rhel-7/tomcat =new Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: darunesh(a)redhat.com CC: aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, chazlett(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, drieden(a)redhat.com, etirelli(a)redhat.com, gzaronik(a)redhat.com, ibek(a)redhat.com, ivan.afonichev(a)gmail.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jclere(a)redhat.com, jochrist(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, lgao(a)redhat.com, lpetrovi(a)redhat.com, mbabacek(a)redhat.com, mnovotny(a)redhat.com, myarboro(a)redhat.com, paradhya(a)redhat.com, rrajasek(a)redhat.com, rsynek(a)redhat.com, sdaley(a)redhat.com, twalsh(a)redhat.com, weli(a)redhat.com Target Milestone: --- Classification: Other Apache Tomcat is vulnerable to a denial of service, caused by HTTP/2 connection window exhaustion on write. By failing to send WINDOW_UPDATE messages, a remote attacker could exploit this vulnerability to block threads on the server and cause a denial of service. Reference: http://mail-archives.us.apache.org/mod_mbox/www-announce/201906.mbox/%3Cca6… -- You are receiving this mail because: You are on the CC list for the bug.

1 23

[Bug 1693325] New: CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS
by bugzilla＠redhat.com 04 Oct '21

04 Oct '21

https://bugzilla.redhat.com/show_bug.cgi?id=1693325 Bug ID: 1693325 Summary: CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS Product: Security Response Hardware: All OS: Linux Status: NEW Whiteboard: impact=important,public=20190325,reported=20190326,sou rce=internet,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S: U/C:N/I:N/A:H,cwe=CWE-400,fedora-all/tomcat=affected,r hscl-3/rh-java-common-tomcat=notaffected,bpms-6/tomcat =notaffected,brms-6/tomcat=notaffected,epel-all/tomcat =notaffected,brms-5/jbossweb=notaffected,eap-6/jbosswe b=notaffected,eap-5/jbossweb=notaffected,jdg-6/jbosswe b=notaffected,jdg-7/tomcat=notaffected,jdv-6/jbossweb= notaffected,fuse-6/tomcat=notaffected,fuse-7/tomcat=no taffected,fsw-6/jbossweb=notaffected,soap-5/jbossweb=n otaffected,springboot-1/tomcat=notaffected,jbews-2/tom cat6=notaffected,jws-3/tomcat7=notaffected,rhel-7/tomc at=notaffected,jbews-2/tomcat7=notaffected,jws-3/tomca t8=new,rhel-6/tomcat6=notaffected,jon-3/jbossweb=notaf fected,jws-5/tomcat=new Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: lpardo(a)redhat.com CC: aileenc(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, anstephe(a)redhat.com, apintea(a)redhat.com, avibelli(a)redhat.com, bgeorges(a)redhat.com, bmaxwell(a)redhat.com, cdewolf(a)redhat.com, chazlett(a)redhat.com, cmoulliard(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, darran.lofthouse(a)redhat.com, dimitris(a)redhat.com, dosoudil(a)redhat.com, drieden(a)redhat.com, etirelli(a)redhat.com, fgavrilo(a)redhat.com, gvarsami(a)redhat.com, gzaronik(a)redhat.com, hhorak(a)redhat.com, ibek(a)redhat.com, ikanello(a)redhat.com, ivan.afonichev(a)gmail.com, java-sig-commits(a)lists.fedoraproject.org, jawilson(a)redhat.com, jbalunas(a)redhat.com, jclere(a)redhat.com, jcoleman(a)redhat.com, jdoyle(a)redhat.com, jolee(a)redhat.com, jondruse(a)redhat.com, jorton(a)redhat.com, jpallich(a)redhat.com, jschatte(a)redhat.com, jshepherd(a)redhat.com, jstastny(a)redhat.com, kconner(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, ldimaggi(a)redhat.com, lgao(a)redhat.com, loleary(a)redhat.com, lpetrovi(a)redhat.com, lthon(a)redhat.com, mbabacek(a)redhat.com, mizdebsk(a)redhat.com, mszynkie(a)redhat.com, myarboro(a)redhat.com, nwallace(a)redhat.com, paradhya(a)redhat.com, pgallagh(a)redhat.com, pgier(a)redhat.com, pjurak(a)redhat.com, ppalaga(a)redhat.com, psakar(a)redhat.com, pslavice(a)redhat.com, pszubiak(a)redhat.com, rnetuka(a)redhat.com, rrajasek(a)redhat.com, rruss(a)redhat.com, rstancel(a)redhat.com, rsvoboda(a)redhat.com, rsynek(a)redhat.com, rwagner(a)redhat.com, rzhang(a)redhat.com, sdaley(a)redhat.com, spinder(a)redhat.com, tcunning(a)redhat.com, theute(a)redhat.com, tkirby(a)redhat.com, trogers(a)redhat.com, twalsh(a)redhat.com, vhalbert(a)redhat.com, vtunka(a)redhat.com, weli(a)redhat.com Target Milestone: --- Classification: Other A vulnerability was found in Apache Tomcat version from 9.0.0.M1 to 9.0.14 inclusive and 8.5.0 to 8.5.37 inclusive. The HTTP/2 implementation accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS. References: https://mail-archives.apache.org/mod_mbox/tomcat-announce/201903.mbox/brows… http://tomcat.apache.org/security-9.html http://tomcat.apache.org/security-8.html -- You are receiving this mail because: You are on the CC list for the bug.

1 21

[Bug 1785376] New: CVE-2017-18640 snakeyaml: the alias feature entity expansion during a load operation
by bugzilla＠redhat.com 23 Sep '21

23 Sep '21

https://bugzilla.redhat.com/show_bug.cgi?id=1785376 Bug ID: 1785376 Summary: CVE-2017-18640 snakeyaml: the alias feature entity expansion during a load operation Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: gsuckevi(a)redhat.com CC: decathorpe(a)gmail.com, hhorak(a)redhat.com, jaromir.capik(a)email.cz, java-maint(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jorton(a)redhat.com, mizdebsk(a)redhat.com, mo(a)morsi.org, stewardship-sig(a)lists.fedoraproject.org Target Milestone: --- Classification: Other The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. Reference: https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-p… -- You are receiving this mail because: You are on the CC list for the bug.

1 33

[Bug 1806835] New: CVE-2020-1935 tomcat: HTTP Request Smuggling
by bugzilla＠redhat.com 11 Aug '21

11 Aug '21

https://bugzilla.redhat.com/show_bug.cgi?id=1806835 Bug ID: 1806835 Summary: CVE-2020-1935 tomcat: HTTP Request Smuggling Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: jwon(a)redhat.com CC: aboyko(a)redhat.com, aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, asoldano(a)redhat.com, atangrin(a)redhat.com, avibelli(a)redhat.com, bbaranow(a)redhat.com, bgeorges(a)redhat.com, bmaxwell(a)redhat.com, brian.stansberry(a)redhat.com, cdewolf(a)redhat.com, chazlett(a)redhat.com, cmoulliard(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, darran.lofthouse(a)redhat.com, dbecker(a)redhat.com, dkreling(a)redhat.com, dosoudil(a)redhat.com, drieden(a)redhat.com, etirelli(a)redhat.com, ggaughan(a)redhat.com, gzaronik(a)redhat.com, ibek(a)redhat.com, ikanello(a)redhat.com, ivan.afonichev(a)gmail.com, iweiss(a)redhat.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jawilson(a)redhat.com, jbalunas(a)redhat.com, jclere(a)redhat.com, jjoyce(a)redhat.com, jochrist(a)redhat.com, jpallich(a)redhat.com, jperkins(a)redhat.com, jschluet(a)redhat.com, jstastny(a)redhat.com, jwon(a)redhat.com, kbasil(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, kwills(a)redhat.com, lgao(a)redhat.com, lhh(a)redhat.com, lpeer(a)redhat.com, lthon(a)redhat.com, mbabacek(a)redhat.com, mburns(a)redhat.com, mkolesni(a)redhat.com, mnovotny(a)redhat.com, msochure(a)redhat.com, msvehla(a)redhat.com, mszynkie(a)redhat.com, myarboro(a)redhat.com, nwallace(a)redhat.com, paradhya(a)redhat.com, pgallagh(a)redhat.com, pjindal(a)redhat.com, pmackay(a)redhat.com, psotirop(a)redhat.com, rguimara(a)redhat.com, rrajasek(a)redhat.com, rruss(a)redhat.com, rsvoboda(a)redhat.com, rsynek(a)redhat.com, sclewis(a)redhat.com, scohen(a)redhat.com, sdaley(a)redhat.com, slinaber(a)redhat.com, smaestri(a)redhat.com, tom.jenkinson(a)redhat.com, weli(a)redhat.com Target Milestone: --- Classification: Other The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. It affects the version of Apache Tomcat 9 before 9.0.31, Tomcat 8 before 8.5.51, and Tomcat 7 before 7.0.100. Upstream Patches: https://github.com/apache/tomcat/commit/8bfb0ff / tomcat9 https://github.com/apache/tomcat/commit/8fbe2e9 / tomcat8 https://github.com/apache/tomcat/commit/702bf15 / tomcat7 -- You are receiving this mail because: You are on the CC list for the bug.

1 45

← Newer
1
2
3
4
5
6
7
...
39
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

java-sig-commits June 2020