Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.16459
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.16459
<patchinfo incident="16459"> <issue tracker="bnc" id="1172562">VUL-1: tomcat: lots of tomcat files are writable for the tomcat user / tomcat group</issue> <issue tracker="bnc" id="1092163">servletapi5: servlet.jar not created</issue> <issue tracker="cve" id="2020-13943"/> <issue tracker="bnc" id="1177582">VUL-0: CVE-2020-13943: tomcat: HTTP/2 Request mix-up</issue> <issue tracker="bnc" id="1178396">Tomcat doesn't need anymore /usr/lib/tmpfiles.d/tomcat.conf and /run/tomcat.pid</issue> <issue tracker="cve" id="2020-17527"/> <issue tracker="bnc" id="1179602">VUL-0: CVE-2020-17527: tomcat6,tomcat: HTTP/2 request header mix-up</issue> <packager>mateialbu</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for tomcat</summary> <description>This update for tomcat fixes the following issues: Security issues fixed: - CVE-2020-13943: Fixed a HTTP/2 Request mix-up (bsc#1177582). - CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602). Non-security issue fixed: - Removed tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396). - Fixed 'tomcat-servlet-4_0-api' package alternatives to use and keep a symlink for compatibility (bsc#1092163). - Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor