USN-3027-1: Tomcat vulnerability

06 July 2016

Tomcat could be made to hang if it received specially crafted network traffic.

Releases

Packages

Details

It was discovered that the Tomcat Fileupload library incorrectly handled
certain upload requests. A remote attacker could possibly use this issue to
cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-3024-1: tomcat7-common, libservlet3.0-java-doc, tomcat7-docs, tomcat7-examples, tomcat7, libtomcat7-java, tomcat7-user, libtomcat6-java, tomcat6, tomcat7-admin, libservlet3.0-java