-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2407-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb October 14, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : tomcat8 Version : 8.5.54-0+deb9u4 CVE ID : CVE-2020-13943 It was discovered that there was an issue in Apache Tomcat 8, the Java application server. An excessive number of concurrent streams could have resulted in users seeing responses for unexpected resources. For Debian 9 "Stretch", this problem has been fixed in version 8.5.54-0+deb9u4. We recommend that you upgrade your tomcat8 packages. For the detailed security status of tomcat8 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tomcat8 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl+G3N4ACgkQHpU+J9Qx HlgLnQ/+I30tFJC8N5ed6pd5G4Re2Hq78J/zo+dIuy/pBc/aCBBDSaDxYPJP+QKt C9JK7aDh1ZR0QtF5OqeyVapS7MzDsAXSUte/ZIh+cgHEDwcRXrg/UtyRcLqUSxxP ScZV9hPKPDI53+64sBogY7YzFPg42GfgNw8dvvhLErZTJgl3U8z0F6uLhDCPA0BR HcYUQf09UQ3ZNyKnGM5WsI/0F1pa3uRuTK1Qp5J8PTY+6Q8NMgKG7fHKZUJIyzIU Pa2md2v76cjhQaAMz+9yNQqELI8KjisCCU4I8Mv//60mvhOyuCX2y2rTAGzBDqC/ pznnudD8u/J3N8ZN7OCH8JefBRc2iRCgkIqg6Pz6as2mMHSfjXiPmuoByCpnrDkX XjmE72abH2vq/xNboA4nN7QQxsRjQJEGTFBPLfgtVlpbnRACrx+Mr0t716Ovphsh N/QFoocdDun6YVPU8zJnnaDz5gShQmyDWGcU5WFL591sTNJQIBujLKrS4KIXgFjy 6AxdCq5FMKk5NQI0Qo5/9jL6EYnDBdrjq3JmCXvkUFT9OATupP23yYjYxnHJrHEF vsKheusL3r+ovSSSY2aaiH1H+/ePLcGph8cAwWI2OLc83TizuGMxuSSHe7xP2iUK u4liLPp6uuFgs5avEO36+VzcogLcMjRP4BQ+NUmECi6TujKVtTQ= =LTeF -----END PGP SIGNATURE-----
