Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was discovered that the ChunkedInputFilter in Tomcat did not fail
subsequent attempts to read input after malformed chunked encoding was
detected. A remote attacker could possibly use this flaw to make Tomcat
process part of the request body as new request, or cause a denial of
service. (CVE-2014-0227)
This update also fixes the following bug:
All Tomcat 6 users are advised to upgrade to these updated packages, which
correct these issues. Tomcat must be restarted for this update to take
effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | tomcat6 | < 6.0.24-83.el6_6 | tomcat6-6.0.24-83.el6_6.s390x.rpm |
RedHat | 6 | x86_64 | tomcat6-debuginfo | < 6.0.24-83.el6_6 | tomcat6-debuginfo-6.0.24-83.el6_6.x86_64.rpm |
RedHat | 6 | i686 | tomcat6-webapps | < 6.0.24-83.el6_6 | tomcat6-webapps-6.0.24-83.el6_6.i686.rpm |
RedHat | 6 | s390x | tomcat6-admin-webapps | < 6.0.24-83.el6_6 | tomcat6-admin-webapps-6.0.24-83.el6_6.s390x.rpm |
RedHat | 6 | x86_64 | tomcat6-admin-webapps | < 6.0.24-83.el6_6 | tomcat6-admin-webapps-6.0.24-83.el6_6.x86_64.rpm |
RedHat | 6 | ppc64 | tomcat6-servlet-2.5-api | < 6.0.24-83.el6_6 | tomcat6-servlet-2.5-api-6.0.24-83.el6_6.ppc64.rpm |
RedHat | 6 | x86_64 | tomcat6-javadoc | < 6.0.24-83.el6_6 | tomcat6-javadoc-6.0.24-83.el6_6.x86_64.rpm |
RedHat | 6 | i686 | tomcat6-debuginfo | < 6.0.24-83.el6_6 | tomcat6-debuginfo-6.0.24-83.el6_6.i686.rpm |
RedHat | 6 | ppc64 | tomcat6-el-2.1-api | < 6.0.24-83.el6_6 | tomcat6-el-2.1-api-6.0.24-83.el6_6.ppc64.rpm |
RedHat | 6 | i686 | tomcat6-jsp-2.1-api | < 6.0.24-83.el6_6 | tomcat6-jsp-2.1-api-6.0.24-83.el6_6.i686.rpm |