Overview

File _patchinfo of Package patchinfo.31346

<patchinfo incident="31346">
  <issue tracker="cve" id="2023-42795"/>
  <issue tracker="cve" id="2023-45648"/>
  <issue tracker="bnc" id="1216118">VUL-0: CVE-2023-45648: tomcat: Trailer header parsing too lenient</issue>
  <issue tracker="bnc" id="1216119">VUL-0: CVE-2023-42795: tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests</issue>
  <packager>mbussolotto</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tomcat</summary>
  <description>This update for tomcat fixes the following issues:

- CVE-2023-42795: Fixed a potential information leak due to
  insufficient cleanup (bsc#1216119).
- CVE-2023-45648: Fixed a request smuggling issue due to an incorrect
  parsing of HTTP trailer headers (bsc#1216118).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places