Publishing details

Changelog

tomcat9 (9.0.16-3ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS attack on SSI printenv command
    - debian/patches/CVE-2019-0221.patch: escape debug output to aid
      readability
    - CVE-2019-0221
  * SECURITY UPDATE: DoS via thread exhaustion
    - debian/patches/CVE-2019-10072-1.patch: expand HTTP/2 timeout
      handling to connection window exhaustion on write.
    - debian/patches/CVE-2019-10072-2.patch: Fix test failures. Handle
      full allocation case.
    - CVE-2019-10072

 -- Emilia Torino <email address hidden>  Wed, 11 Sep 2019 16:47:51 -0300

Available diffs

Builds

Built packages

Package files