tomcat-7.0.76-8.el7
エラータID: AXSA:2018-3358:03
リリース日:
2018/10/16 Tuesday - 08:46
題名:
tomcat-7.0.76-8.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました
[Security Fix]
- tomcat の UTF-8 のデコーダーには、補助文字の処理において起こるオーバーフローを
適切に処理しないことで無限ループに陥り、サービス不能を引き起こす脆弱性があります。
(CVE-2018-1336)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-1336
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.
追加情報:
N/A
ダウンロード:
SRPMS
- ghostscript-9.07-29.el7.2.src.rpm
MD5: b5c79ca856f5133209299aa36799333c
SHA-256: cfde8bd72fe067a1d3f3dffeff37f8901c5950347906dcab15b522c6ccbdc6c8
Size: 26.58 MB - tomcat-7.0.76-8.el7.src.rpm
MD5: 91ef05f261345c014993f204f92af94c
SHA-256: 3dfc7cc1dfe74c657511b4e6909551a560818c9816696bf1eaa0f28ab6cef1e8
Size: 4.58 MB
Asianux Server 7 for x86_64
- ghostscript-9.07-29.el7.2.x86_64.rpm
MD5: fb4c4aa7a557f991594de3058d60e78c
SHA-256: 1cb40fc59d1400245c5e5cfeb292e4a69ba6b99321e19539ae438574d1e10008
Size: 4.31 MB - ghostscript-cups-9.07-29.el7.2.x86_64.rpm
MD5: 71006dd209abb4bbefb8643c844e7b98
SHA-256: b77e782f32afd3116642175420842d51c087d526718ab07e060236f565dcb10d
Size: 55.93 kB - ghostscript-9.07-29.el7.2.i686.rpm
MD5: 2215ed8f025815108f586d2dbd5b46b8
SHA-256: a5c28e7e8a9b27f9ba2381880bfc56b1c1abbddb47352c869985cb7080759ca8
Size: 4.30 MB - tomcat-7.0.76-8.el7.noarch.rpm
MD5: bb4b49ceca74da7d9afde18e1d967057
SHA-256: 9d2e3b8afdbbc71e4ba8e041ed4f482d3ee6d644ad21280b424427566eba6b02
Size: 89.82 kB - tomcat-admin-webapps-7.0.76-8.el7.noarch.rpm
MD5: 3dba3271bd4d98eb4eb82c0012aadade
SHA-256: b7e46fba9c9822c949ff0ee698885090ca348daf564efeced5519c46e8ea4957
Size: 38.09 kB - tomcat-el-2.2-api-7.0.76-8.el7.noarch.rpm
MD5: d223746a4ecdb36962f56e3f3c8a3e39
SHA-256: daaccaef0bac61c2e4fb33a7f2e6c2cc10a0e5f2d58c85f4519b1c24892d8a78
Size: 79.34 kB - tomcat-jsp-2.2-api-7.0.76-8.el7.noarch.rpm
MD5: fe2214bd8b5d6e9962a57b6b9d4fceed
SHA-256: 9c2edafde322932e0597703f8ce8fda3c3f50cc396c6514fd3396bfd8e883fc5
Size: 93.06 kB - tomcat-lib-7.0.76-8.el7.noarch.rpm
MD5: 9dfc2b7884627b3e447fad46e5452db1
SHA-256: 364ee7dfa2266c13efad1725cdd4bfaf2dba78a6f1472de1adcd4502ff8ae361
Size: 3.85 MB - tomcat-servlet-3.0-api-7.0.76-8.el7.noarch.rpm
MD5: 307d1aa6c40532433385538d7765fe90
SHA-256: aef7e00c5fce11ea155c25a017db2f0baa09b064a4691c4967b28042fb413f74
Size: 210.43 kB - tomcat-webapps-7.0.76-8.el7.noarch.rpm
MD5: 6bf9739823d3827bc96e96c47427e18b
SHA-256: c23dc4d4e5c89837c471c5a48279b04bff59458d6dbb485dd3e730bef27b1d2d
Size: 338.85 kB