Security update for tomcat
This update for tomcat fixes the following issues:
- CVE-2016-3092: Usage of vulnerable FileUpload package can result in denial of service. (bsc#986359)
- CVE-2016-5388: Setting HTTP_PROXY environment variable via Proxy header. (bsc#988489)
This update was imported from the SUSE:SLE-12-SP1:Update project.
- Submitted by Marcus Meissner (msmeissn)
Fixed bugs
bnc#986359
Usage of vulnerable FileUpload package can result in denial of service
bnc#988489
VUL-0: CVE-2016-5388: tomcat: Setting HTTP_PROXY environment variable via Proxy header (httpoxy)