Re: Vulnerabilities Patches

Mon, 06 Nov 2023 17:31:44 -0800 


> On Nov 6, 2023, at 19:27, Nithiyanandam BALASUBRAMANIYAN (Oneberry) 
> <nithiyanan...@oneberry.com> wrote:
> 
> May I know how to apply to windows as my system is no internet allowed. 
> Thanks 


If you’re running 8.5.94, those four CVEs are already fixed in that version.

  - Chuck


> -----Original Message-----
> From: Evan Rempel <erem...@uvic.ca> 
> Sent: Tuesday, November 7, 2023 9:24 AM
> To: users@tomcat.apache.org
> Subject: Re: Vulnerabilities Patches
> 
> https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
> 
> On 2023-11-06 17:21, Nithiyanandam BALASUBRAMANIYAN (Oneberry) wrote:
>> 
>> Hi ,
>> 
>> I am using Tomcat Apache Version 8.5.94 in Windows server 2012. 
>> Recently received following vulnerabilities alert to fix :
>> 
>> 1. *Request smuggling*CVE-2023-45648
>>    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45648>
>> 2. *Denial of Service*CVE-2023-44487
>>    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487>
>> 3. *Denial of Service*CVE-2023-42794
>>    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42794>
>> 4. * Information Disclosure*CVE-2023-42795
>>    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42795>
>> 
>> Can help to let me know the steps how to fix these vulnerabilities for 
>> my current version in windows.
>> 
>> Thanks
>> 
>> ?Best regards,
>> 
>> Nithi,
>> 
>> Head Ops, Commercial and Industrial,
>> 
>> Product Management and SW apps
>> 
>> Mobile:92487954
>> 
>> *Oneberry Technologies Pte Ltd*
>> 
>> *Web: *www.oneberry.com <http://www.oneberry.com/>
>> 
>> *Tel: *(65) 6692 6760 | *Fax: *(65) 6280 2921
>> 
>> *Address: *One Pemimpin, 1 Pemimpin Drive, #08-03, Singapore 576151
>> 
>> <http://www.oneberry.com/>
>> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org























					Reply via email to