Release Info

Advisory: CLSA-2023:1689010064

OS: Ubuntu 18.04 ELS

Public date: 2023-07-10 13:27:46

Project: tomcat9

Version: 9.0.16-3ubuntu0.18.04.2+tuxcare.els2

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2023-1689010064.html

Changelog

* SECURITY UPDATE: EncryptInterceptor only provides partial protection on untrusted network - debian/patches/CVE-2022-29885.patch: Update the documentation to state that the EncryptInterceptor does not provide sufficient protection to run Tomcat clustering over an untrusted network. - CVE-2022-29885

Update

Update command: apt-get update apt-get --only-upgrade install tomcat9*

Packages list

libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb libtomcat9-java_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9-admin_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9-common_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9-docs_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9-examples_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb tomcat9-user_9.0.16-3ubuntu0.18.04.2+tuxcare.els2_all.deb

CVEs

CVE-2022-29885