| Summary: | [Update Request] tomcat (CVE-2020-17527) (CVE-2021-24122) | ||
|---|---|---|---|
| Product: | [ROSA-based products] ROSA Fresh | Reporter: | Zombie Ryushu <zombie.ryushu> |
| Component: | Packages from Main | Assignee: | ROSA Linux Bugs <bugs> |
| Status: | CONFIRMED --- | QA Contact: | ROSA Linux Bugs <bugs> |
| Severity: | normal | ||
| Priority: | Normal | CC: | alzim, andrey.bondrov, denis.silakov, mc2374 |
| Version: | KDE4 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://advisories.mageia.org/MGASA-2020-0397.html | ||
| Whiteboard: | |||
| Platform: | 2016.1 | ROSA Vulnerability identifier: | CVE-2020-13943 (CVE-2020-17527) (CVE-2021-24122) |
| RPM Package: | tomcat-9.0.39-1.mga7 | ISO-related: | |
| Bad POT generating: | Upstream: | ||
|
Description
Zombie Ryushu
2020-11-16 16:55:04 MSK
While investigating Apache issue 64830 it was discovered that Apache Tomcat could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests (CVE-2020-17527). https://advisories.mageia.org/MGASA-2021-0020.html When serving resources from a network location using the NTFS file system it was possible to bypass security constraints and/or view the source code for JSPs in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances (CVE-2021-24122). |