[SECURITY] [DSA 5522-1] tomcat9 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5522-1 secur...@debian.org https://www.debian.org/security/ Markus Koschany October 10, 2023 https://www.debian.org/security/faq - - Package: tomcat9 CVE ID : CVE-2023-24998 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-24998 Denial of service. Tomcat uses a packaged renamed copy of Apache Commons FileUpload to provide the file upload functionality defined in the Jakarta Servlet specification. Apache Tomcat was, therefore, also vulnerable to the Commons FileUpload vulnerability CVE-2023-24998 as there was no limit to the number of request parts processed. This resulted in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. CVE-2023-41080 Open redirect. If the ROOT (default) web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. CVE-2023-42795 Information Disclosure. When recycling various internal objects, including the request and the response, prior to re-use by the next request/response, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. CVE-2023-44487 DoS caused by HTTP/2 frame overhead (Rapid Reset Attack) CVE-2023-45648 Request smuggling. Tomcat did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. For the oldstable distribution (bullseye), these problems have been fixed in version 9.0.43-2~deb11u7. We recommend that you upgrade your tomcat9 packages. For the detailed security status of tomcat9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tomcat9 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUlyBRfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRBnhAAk1o0EDLnX1zaS0Xnz9jybhd9XdXat1HwZXvV3XFRGVXu5+r2bKH+KQjU 0GJ6koP3KDt10DrI8DzOq+9Msu0/TbPYAZKDHPjPYfcUqXRmwRrvTXtq5cbR5v3+ JxgJhiqjQYb1DYiDLC5iU+6aryrZg2ma1i81lG5v8N1TDfaCHzbZiMpyeYEABkd7 eKX3tzngoK9UaIgYVBxrjnM9bPRWnRFJRBMu/hs4VS6gxqzAaZT72Tcaf0Vf3t1s Es5IMgrhBC0Q2Amlm3N5z37p0nlhnJdNC3dAHetRCy92g9/KsjB/1BZfYY7rM8wV WwvB5WwQ0T4eRqKmc8yY86sUdfXkhPqz1oFDbnNgxtBjMm2z/of9pNEm+2NCpv9P 3MpCIKsEWiGH8+uleGuFhAHoWeUYjDNJjH1di6+PYZoBaEJ8eiXct/THBt/0nvFR Nh6AFDqi1Hi5/GdPK71eFRDsXOwgSuRg1ZRJtJP1W/dYEiczP89l0CM04PwxEAn2 dbE2ZCUQmIzQdng4OAHt+ze+QDini4HtoRJnQHq4P/QUIEQAE9C0hOIMMnrtpqIY A77Qa1bBVqDgLlhvSmpSrVigmfyXSpmtfc9G0KXcq5IAvr75jZ0PNuIk/VTyklYj e3g3nA1rbB1jlx6cvPqWBFItXW8800mJ0CXHb8EN8jKdB5BnooY= =6KYM -END PGP SIGNATURE-
[SECURITY] [DSA 5521-1] tomcat10 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5521-1 secur...@debian.org https://www.debian.org/security/ Markus Koschany October 10, 2023 https://www.debian.org/security/faq - - Package: tomcat10 CVE ID : CVE-2023-28709 CVE-2023-41080 CVE-2023-42795 CVE-2023-44487 CVE-2023-45648 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-28709 Denial of Service. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur. CVE-2023-41080 Open redirect. If the ROOT (default) web application is configured to use FORM authentication then it is possible that a specially crafted URL could be used to trigger a redirect to an URL of the attackers choice. CVE-2023-42795 Information Disclosure. When recycling various internal objects, including the request and the response, prior to re-use by the next request/response, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. CVE-2023-44487 DoS caused by HTTP/2 frame overhead (Rapid Reset Attack) CVE-2023-45648 Request smuggling. Tomcat did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. For the stable distribution (bookworm), these problems have been fixed in version 10.1.6-1+deb12u1. We recommend that you upgrade your tomcat10 packages. For the detailed security status of tomcat10 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tomcat10 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUlygNfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQOAw/9FphsARNkV5P4SoR3pQJ0CUaGtipdCc57ZR+w00QjR0/lbIQpoYzxrgAN zNJCDUuCDhEjyolzJ9XtkabKDzhZr/+1wM5iQQIx9A6VFELannL5ivZjT798juUx +IMCD65kMFXqLqIwS4BhYZww/W5KapZkgEeppyhpS3pjGXJ3nRtkAMpJZAJk4CCt n3I/9GzyI/8KQVBGAUPQb+feDJmDh/qSbHYTtvEweeu1WNiFGzU6MuRIOeYi6mga gzulx3NJgCHb6SGKdttqc51pSK2mRKUlQdgzwxS+jTaE4iDWv1AHaV/pJF6cS3cP xmELILWm7TqnL90on63u6Nh8UScSM0qf3ajRd2zAXDEtaGcdM92vbNLDfJTo1/wA pEH+xTkiOUpHEhsDEOW6zLoJqy0+qW9pQd3qE4Sh1CBVFylxR4L1JeDupyozH0up LLuNKslZLxUFUWYEkwFmtOoOMjlAtMsPnsgoVr/ZOPXaixLE05HgOWWWUV5YWyKW Ae2/C+Oc38P2bFNjW++okCsZTOaVdrhA/2g9cPNE17cN/o/Ff9GdbqDJMzry9z/B FSPIZ47QSzMROhc/9z5HL7Y3eqEj8kjG2LbMQ82lP5hHoYPhXwKjML8HhwmyLvD2 scn/9i/RzazIfyO+zLStzxEHIOR7xx95drm15Av1Z52oETSmsmc= =raMf -END PGP SIGNATURE-
[SECURITY] [DSA 5520-1] mediawiki security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5520-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2023 https://www.debian.org/security/faq - - Package: mediawiki CVE ID : CVE-2023-3550 CVE-2023-45359 CVE-2023-45360 CVE-2023-45361 CVE-2023-45362 CVE-2023-45363 CVE-2023-45364 Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure For the oldstable distribution (bullseye), these problems have been fixed in version 1:1.35.13-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 1:1.39.5-1~deb12u1. We recommend that you upgrade your mediawiki packages. For the detailed security status of mediawiki please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mediawiki Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUlpMAACgkQEMKTtsN8 TjYoOA//bCjltcLtXiq3v62Fmsi3nzMDOhxYvLip6E4lzp3qxP7/UzjbSDycdRjV r9oy77BkYZSAGNrf1zuHP7NLnKy8WwtBslQeFpBsUncbOr/0oc/xZFZWSEqlthjp 9duWZFp8G+idAfAKRT2NIeNRC6posp42/ZDgOsCUBqGD9A8zcS55fT1X6owc1ADd 8288iCMC7xA6oNJ2pePYXvdl3otMqxdhNUImQVJXhf850I5bL7LP+5IYr5e845jG T7Ulk8Kn4BgDvvZREqGEX1g49+1GK7Ri/9P+Ju50G4Y54JjIHMP2msF2c1QQF1A8 3fIeoQGPaFy8ApVLGkslxY39oh4yGtF5udo6pBzxtlvOwyaMG3xUpquqATbSVulK QuoiCun2N7fpLtt7P8yUDyjPG0XqJll74svScO9dsaIDkpvwbQ/KPKD0G/N5rnXu VrB9S4H1DttLJ7g03/gP4jDh/zww5sfzrH/pvAuzhNn4+jQ7j03FQ4tpEB18XXo2 tzJGpb/fQhTvwrDUCoWJFSMl3nAhzzHwDkamZ6lnY7kmHNIp5zI4ZUVElcRYj/1s 9HRFNpSZbdKrTAZnDlJEmQw2YHrCYM2Q+A2P5bEZuUBt43N9fMrVeynQImTalEA3 V7lWyklp9PynpxlwbNA5VzUipDBtt9sQ61ld9xRjoliyNrDx9bI= =ekTI -END PGP SIGNATURE-