tomcat-7.0.76-16.0.1.el7.AXS7
エラータID: AXSA:2024-8731:12
リリース日:
2024/08/29 Thursday - 15:07
題名:
tomcat-7.0.76-16.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Apache Tomcat には、特定の設定および利用状況下における
逆シリアル化処理に問題があるため、ローカルの攻撃者により、
巧妙に細工されたリクエストを介して、任意のコードの実行を
可能とする脆弱性が存在します。(CVE-2021-25329)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-25329
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- tomcat-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: a0bd6751811ab70ad977b0709a26a421
SHA-256: 5e15450c9d3fb7ce7a705e05fab1d1837ba1d12b1e07bd0398b9a8168086b079
Size: 92.79 kB - tomcat-admin-webapps-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: e655d022e36baa73758ea4c9cf309049
SHA-256: d04f84cdb1f1b4c4641cd78478b67df48de4342d0b92a878a7e5da1d078146e5
Size: 40.93 kB - tomcat-el-2.2-api-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: 0d910768c8bca7e58cd31984056eee2e
SHA-256: 311fac52b2c2c55cbf120e2c22e249491ca19369e850683f25d02de9992264f5
Size: 82.14 kB - tomcat-jsp-2.2-api-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: 33a5007d2bc3e5ff057c439fe4b4b0f5
SHA-256: bf668e49acc65ff45080f2b74338fe3d850e8aa5390803cbe217ee526dcba177
Size: 95.86 kB - tomcat-lib-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: 68d46c2a2f7ce00fec91dfdb152b12ac
SHA-256: d2b4bc2e3ab6b0468907be48b8c2f2f1932c02b9636216f783333e771bb27d52
Size: 3.87 MB - tomcat-servlet-3.0-api-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: 2116051f81f6dfac5031aa536bd5156e
SHA-256: 0f72e2fcd12274d3f6c881a7ba6003c636507733bfbf9a1cc131235e0da9573e
Size: 213.21 kB - tomcat-webapps-7.0.76-16.0.1.el7.AXS7.noarch.rpm
MD5: c5c9a523a25df2955173708771a110f1
SHA-256: a3681fa80cb917255bd05760925a821a65f5b839b7a2dac19b03cb1e1d755dcc
Size: 341.93 kB