Overview

File _patchinfo of Package patchinfo.28268

<patchinfo incident="28268">
  <issue tracker="cve" id="2023-24998"/>
  <issue tracker="cve" id="2023-28708"/>
  <issue tracker="bnc" id="1209622">VUL-0: CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure</issue>
  <issue tracker="bnc" id="1208513">VUL-0: CVE-2023-24998: tomcat,tomcat6,apache-commons-fileupload,jakarta-commons-fileupload: FileUpload DoS with excessive parts</issue>
  <packager>mbussolotto</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for tomcat</summary>
  <description>This update for tomcat fixes the following issues:

- CVE-2023-28708: Fixed information disclosure by not including the secure attribute (bsc#1209622).
- CVE-2023-24998: Fixed FileUpload deny-of-service with excessive parts (bsc#1208513). 
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places