Release Info

Advisory: CLSA-2023:1698689712

OS: Ubuntu 18.04 ELS

Public date: 2023-10-30 14:15:14

Project: tomcat8

Version: 8.5.39-1ubuntu1~18.04.3+tuxcare.els5

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2023-1698689712.html

Changelog

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: Improvements to HTTP/2 overhead protection - CVE-2023-44487

Update

Update command: apt-get update apt-get --only-upgrade install tomcat8*

Packages list

libtomcat8-embed-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb libtomcat8-java_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8-admin_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8-common_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8-docs_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8-examples_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb tomcat8-user_8.5.39-1ubuntu1~18.04.3+tuxcare.els5_all.deb

CVEs

CVE-2023-44487