Oracle Linux 6263 Published by

A tomcat security update has been released for Oracle Linux 7.



El-errata: ELSA-2020-5020 Low: Oracle Linux 7 tomcat security update


Oracle Linux Security Advisory ELSA-2020-5020

  http://linux.oracle.com/errata/ELSA-2020-5020.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tomcat-7.0.76-16.el7_9.noarch.rpm
tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm
tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm
tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm
tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm
tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm
tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm
tomcat-lib-7.0.76-16.el7_9.noarch.rpm
tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm
tomcat-webapps-7.0.76-16.el7_9.noarch.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/tomcat-7.0.76-16.el7_9.src.rpm


Description of changes:

[0:7.0.76-16]
- Resolves: rhbz#1814315 CVE-2020-1935 tomcat: Mishandling of
Transfer-Encoding header allows for HTTP request smuggling