Overview

File _patchinfo of Package patchinfo.37363

<patchinfo incident="37363">
  <issue tracker="cve" id="2024-54677"/>
  <issue tracker="cve" id="2024-50379"/>
  <issue tracker="bnc" id="1234663">VUL-0: CVE-2024-50379: tomcat,tomcat10,tomcat6: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation</issue>
  <issue tracker="bnc" id="1234664">VUL-0: CVE-2024-54677: tomcat,tomcat10,tomcat6: Apache Tomcat: DoS in examples web application</issue>
  <packager>RMestre</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tomcat</summary>
  <description>This update for tomcat fixes the following issues:

- CVE-2024-50379: Fixed remote code execution (RCE) due to TOCTOU issue in JSP compilation (bsc#1234663).
- CVE-2024-54677: Fixed denial-of-service (DoS) attack in examples web application (bsc#1234664).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places