Security update for tomcat
This update for tomcat fixes the following issues:
- CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. (bsc#1110850)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Matei Albu (mateialbu)
Fixed bugs
bnc#1110850
VUL-0: CVE-2018-11784: tomcat6,tomcat5,tomcat: specially crafted URL could be used to cause a redirect to any URI of the attackers choice
