Updated tomcat packages fix security vulnerabilities
Publication date: 18 Aug 2020
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-11996, CVE-2020-13934, CVE-2020-13935
Description
CVE-2020-11996: A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for several seconds. If enough such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.

CVE-2020-13934: An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. With enough such connections, the leaked processors could exhaust memory (an OutOfMemoryException), leading to a denial of service.

CVE-2020-13935: The payload length in a WebSocket frame was not correctly validated. An invalid payload length could trigger an infinite loop, and multiple requests with invalid payload lengths could lead to a denial of service.
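The WebSocket issue above (CVE-2020-13935) is about trusting the length field of a frame header before checking it. The following is an added example written for this advisory, not code from Apache Tomcat or Mageia: a stand-alone RFC 6455 frame-header parser that rejects every malformed length encoding instead of acting on it. The sample frames are constructed, not captured traffic, and MAX_FRAME_PAYLOAD is a hypothetical per-server limit, not a Tomcat setting.

```python
"""Strict RFC 6455 WebSocket frame-header parser (added example, not Tomcat code).

RFC 6455 section 5.2 encodes the payload length as 7 bits, or as 16 or 64
bits when the 7-bit value is 126 or 127.  It also requires the minimal
encoding, a zero most significant bit in the 64-bit form, and a payload of
at most 125 bytes in unfragmented control frames.  A server that skips
these checks can be driven into pathological states by a hostile client,
e.g. a 64-bit length with the MSB set reads as a negative number when
stored in a signed 64-bit integer.
"""
import struct

MAX_FRAME_PAYLOAD = 1 << 20  # hypothetical per-server cap (1 MiB), an assumption


class FrameError(ValueError):
    """Raised for any frame header that violates RFC 6455 or the server cap."""


def parse_frame_header(buf: bytes, max_payload: int = MAX_FRAME_PAYLOAD):
    """Return (fin, opcode, masked, payload_len, header_len) or raise FrameError.

    header_len is the offset of the first payload byte, including the 4-byte
    masking key when present.  The payload itself is not touched here.
    """
    if len(buf) < 2:
        raise FrameError("short header")
    b0, b1 = buf[0], buf[1]
    fin = bool(b0 & 0x80)
    if b0 & 0x70:
        raise FrameError("RSV bits set without a negotiated extension")
    opcode = b0 & 0x0F
    masked = bool(b1 & 0x80)
    len7 = b1 & 0x7F
    pos = 2
    if len7 < 126:
        payload_len = len7
    elif len7 == 126:
        if len(buf) < pos + 2:
            raise FrameError("short extended length")
        payload_len = struct.unpack_from(">H", buf, pos)[0]
        pos += 2
        if payload_len < 126:  # must have used the 7-bit form
            raise FrameError("non-minimal 16-bit length")
    else:  # len7 == 127: 64-bit length follows
        if len(buf) < pos + 8:
            raise FrameError("short extended length")
        payload_len = struct.unpack_from(">Q", buf, pos)[0]
        pos += 8
        if payload_len & (1 << 63):  # MSB must be 0; negative in a signed reader
            raise FrameError("64-bit length with MSB set")
        if payload_len < 0x10000:  # must have used the 16-bit form
            raise FrameError("non-minimal 64-bit length")
    if opcode & 0x08:  # control frame (close, ping, pong)
        if payload_len > 125:
            raise FrameError("control frame payload > 125")
        if not fin:
            raise FrameError("fragmented control frame")
    if payload_len > max_payload:  # apply the server's own cap before allocating
        raise FrameError("payload exceeds server limit")
    if masked:
        pos += 4  # masking key
    return fin, opcode, masked, payload_len, pos


def classify(buf: bytes) -> str:
    """Return "ok" for an acceptable header, else the rejection reason."""
    try:
        parse_frame_header(buf)
        return "ok"
    except FrameError as exc:
        return str(exc)


# Constructed sample frames (not captured from a real client).
TEXT_FRAME = bytes([0x81, 0x05]) + b"hello"                     # fin, text, len 5
MASKED_TEXT = bytes([0x81, 0x85]) + b"\x01\x02\x03\x04" + b"hello"
LONG_16 = bytes([0x82, 0x7E]) + struct.pack(">H", 300)           # valid 16-bit form
LONG_64 = bytes([0x82, 0x7F]) + struct.pack(">Q", 0x10000)       # valid 64-bit form
NONMIN_16 = bytes([0x81, 0x7E]) + struct.pack(">H", 5)           # 5 in 16-bit form
NONMIN_64 = bytes([0x81, 0x7F]) + struct.pack(">Q", 300)         # 300 in 64-bit form
MSB_SET_64 = bytes([0x81, 0x7F]) + struct.pack(">Q", 1 << 63)    # negative as int64
BIG_PING = bytes([0x89, 0x7E]) + struct.pack(">H", 200)          # ping with 200 bytes
OVERSIZED = bytes([0x82, 0x7F]) + struct.pack(">Q", 1 << 30)     # above server cap

if __name__ == "__main__":
    for name in ("TEXT_FRAME", "MASKED_TEXT", "LONG_16", "LONG_64", "NONMIN_16",
                 "NONMIN_64", "MSB_SET_64", "BIG_PING", "OVERSIZED"):
        print(f"{name:12s} -> {classify(globals()[name])}")
```

The point of the example is ordering: every check on the length field happens before any code path allocates, reads or loops on that length, and a server cap is applied on top of the RFC rules so a syntactically valid but absurd length is refused as well.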
References
- https://bugs.mageia.org/show_bug.cgi?id=26862
- http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.36
- http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11996
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13934
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13935
SRPMS
7/core
- tomcat-9.0.37-1.2.mga7