{"affected":[{"ecosystem_specific":{"binaries":[{"tomcat":"7.0.68-7.6.1","tomcat-admin-webapps":"7.0.68-7.6.1","tomcat-docs-webapp":"7.0.68-7.6.1","tomcat-el-2_2-api":"7.0.68-7.6.1","tomcat-javadoc":"7.0.68-7.6.1","tomcat-jsp-2_2-api":"7.0.68-7.6.1","tomcat-lib":"7.0.68-7.6.1","tomcat-servlet-3_0-api":"7.0.68-7.6.1","tomcat-webapps":"7.0.68-7.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"tomcat","purl":"pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.68-7.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"tomcat":"7.0.68-7.6.1","tomcat-admin-webapps":"7.0.68-7.6.1","tomcat-docs-webapp":"7.0.68-7.6.1","tomcat-el-2_2-api":"7.0.68-7.6.1","tomcat-javadoc":"7.0.68-7.6.1","tomcat-jsp-2_2-api":"7.0.68-7.6.1","tomcat-lib":"7.0.68-7.6.1","tomcat-servlet-3_0-api":"7.0.68-7.6.1","tomcat-webapps":"7.0.68-7.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"tomcat","purl":"pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.68-7.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for tomcat fixes the following security issues.\n\nTomcat has been updated from 7.0.55 to 7.0.68.\n\n* CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java\n  in Apache Tomcat allowed remote authenticated users to bypass intended\n  SecurityManager restrictions and list a parent directory via a /.. (slash\n  dot dot) in a pathname used by a web application in a getResource,\n  getResourceAsStream, or getResourcePaths call, as demonstrated by the\n  $CATALINA_BASE/webapps directory.  (bsc#967967)\n* CVE-2015-5346: Session fixation vulnerability in Apache Tomcat when\n  different session settings are used for deployments of multiple versions\n  of the same web application, might have allowed remote attackers\n  to hijack web sessions by leveraging use of a requestedSessionSSL\n  field for an unintended request, related to CoyoteAdapter.java and\n  Request.java. (bsc#967814)\n* CVE-2015-5345: The Mapper component in Apache Tomcat processes redirects\n  before considering security constraints and Filters, which allowed remote\n  attackers to determine the existence of a directory via a URL that lacks\n  a trailing / (slash) character. (bsc#967965)\n* CVE-2015-5351: The (1) Manager and (2) Host Manager applications in\n  Apache Tomcat established sessions and send CSRF tokens for arbitrary\n  new requests, which allowed remote attackers to bypass a CSRF protection\n  mechanism by using a token. (bsc#967812)\n* CVE-2016-0706: Apache Tomcat did not place\n  org.apache.catalina.manager.StatusManagerServlet on the\n  org/apache/catalina/core/RestrictedServlets.properties list, which\n  allowed remote authenticated users to bypass intended SecurityManager\n  restrictions and read arbitrary HTTP requests, and consequently discover\n  session ID values, via a crafted web application.  (bsc#967815)\n* CVE-2016-0714: The session-persistence implementation in Apache Tomcat\n  mishandled session attributes, which allowed remote authenticated users\n  to bypass intended SecurityManager restrictions and execute arbitrary\n  code in a privileged context via a web application that places a crafted\n  object in a session. (bsc#967964)\n* CVE-2016-0763: The setGlobalContext method in\n  org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat did\n  not consider whether ResourceLinkFactory.setGlobalContext callers are\n  authorized, which allowed remote authenticated users to bypass intended\n  SecurityManager restrictions and read or write to arbitrary application\n  data, or cause a denial of service (application disruption), via a web\n  application that sets a crafted global context.  (bsc#967966)\n\nSee https://tomcat.apache.org/tomcat-7.0-doc/changelog.html\n  for other fixes since 7.0.55\n","id":"SUSE-SU-2016:0822-1","modified":"2016-03-18T14:14:17Z","published":"2016-03-18T14:14:17Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160822-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/967812"},{"type":"REPORT","url":"https://bugzilla.suse.com/967814"},{"type":"REPORT","url":"https://bugzilla.suse.com/967815"},{"type":"REPORT","url":"https://bugzilla.suse.com/967964"},{"type":"REPORT","url":"https://bugzilla.suse.com/967965"},{"type":"REPORT","url":"https://bugzilla.suse.com/967966"},{"type":"REPORT","url":"https://bugzilla.suse.com/967967"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5174"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5345"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5346"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-5351"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0714"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0763"}],"related":["CVE-2015-5174","CVE-2015-5345","CVE-2015-5346","CVE-2015-5351","CVE-2016-0706","CVE-2016-0714","CVE-2016-0763"],"summary":"Security update for tomcat","upstream":["CVE-2015-5174","CVE-2015-5345","CVE-2015-5346","CVE-2015-5351","CVE-2016-0706","CVE-2016-0714","CVE-2016-0763"]}