Public bug reported:

The tomcat10 package for 24.04 is currently 11months old, and as a
result has multiple high scoring CVE's available.

CVEs:
CVE-2024-24549
CVE-2024-23672
CVE-2024-38286
CVE-2024-34750


Between versions 10.1.16 (current) and 10.1.25 (version currently available for 
24.10) there have been a number of bug-fixes and enhancements that are also 
applicable.

Sources:
CVEs: https://tomcat.apache.org/security-10.html
Current packages: https://launchpad.net/ubuntu/+source/tomcat10
Additional bugfixes and enhancments: 
https://tomcat.apache.org/tomcat-10.1-doc/changelog.html

** Affects: tomcat10 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2086358

Title:
  Multiple CVE patches, bugfixes, and enhancements availble for 11month
  old LTS package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tomcat10/+bug/2086358/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to