svn commit: r1804734 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

svn commit: r1804734 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml

markt
Author: markt
Date: Thu Aug 10 22:01:13 2017
New Revision: 1804734

URL: http://svn.apache.org/viewvc?rev=1804734&view=rev
Log:
Add info for:
- CVE-2017-7674
- CVE-2017-7675

Modified:
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/docs/security-8.html
    tomcat/site/trunk/docs/security-9.html
    tomcat/site/trunk/xdocs/security-7.xml
    tomcat/site/trunk/xdocs/security-8.xml
    tomcat/site/trunk/xdocs/security-9.xml

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Thu Aug 10 22:01:13 2017
@@ -210,6 +210,9 @@
 <a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.79">Fixed in Apache Tomcat 7.0.79</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_7.0.78">Fixed in Apache Tomcat 7.0.78</a>
 </li>
 <li>
@@ -366,6 +369,34 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_7.0.79">
+<span style="float: right;">1 July 2017</span> Fixed in Apache Tomcat 7.0.79</h3>
+<div class="text">
+
+    
+<p>
+<strong>Moderate: Cache Poisoning</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674" rel="nofollow">CVE-2017-7674</a>
+</p>
+
+    
+<p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1795816">1795816</a>.</p>
+
+    
+<p>The issue was reported as bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61101">61101</a> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 7.0.41 to 7.0.78</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_7.0.78">
 <span style="float: right;">16 May 2017</span> Fixed in Apache Tomcat 7.0.78</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/security-8.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Thu Aug 10 22:01:13 2017
@@ -210,6 +210,12 @@
 <a href="#Apache_Tomcat_8.x_vulnerabilities">Apache Tomcat 8.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_8.0.45">Fixed in Apache Tomcat 8.0.45</a>
+</li>
+<li>
+<a href="#Fixed_in_Apache_Tomcat_8.5.16">Fixed in Apache Tomcat 8.5.16</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_8.0.44">Fixed in Apache Tomcat 8.0.44</a>
 </li>
 <li>
@@ -330,6 +336,85 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_8.0.45">
+<span style="float: right;">1 July 2017</span> Fixed in Apache Tomcat 8.0.45</h3>
+<div class="text">
+
+    
+<p>
+<strong>Moderate: Cache Poisoning</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674" rel="nofollow">CVE-2017-7674</a>
+</p>
+
+    
+<p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1795815">1795815</a>.</p>
+
+    
+<p>The issue was reported as bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61101">61101</a> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 8.0.0.RC1 to 8.0.44</p>
+
+  
+</div>
+<h3 id="Fixed_in_Apache_Tomcat_8.5.16">
+<span style="float: right;">26 June 2017</span> Fixed in Apache Tomcat 8.5.16</h3>
+<div class="text">
+
+    
+<p>
+<strong>Important: Security Constraint Bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675" rel="nofollow">CVE-2017-7675</a>
+</p>
+
+    
+<p>The HTTP/2 implementation bypassed a number of security checks that
+       prevented directory traversal attacks. It was therefore possible to
+       bypass security constraints using an specially crafted URL.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1796091">1796091</a>.</p>
+
+    
+<p>The issue was originally reported as a failure to process URL path
+       parameters in bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61120">61120</a> on 24 May 2017. The full implications
+       of this issue were identified by the Tomcat Security Team the same day.
+       This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 8.5.0 to 8.5.15</p>
+
+    
+<p>
+<strong>Moderate: Cache Poisoning</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674" rel="nofollow">CVE-2017-7674</a>
+</p>
+
+    
+<p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1795814">1795814</a>.</p>
+
+    
+<p>The issue was reported as bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61101">61101</a> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 8.5.0 to 8.5.15</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_8.0.44">
 <span style="float: right;">16 May 2017</span> Fixed in Apache Tomcat 8.0.44</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/security-9.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-9.html?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-9.html (original)
+++ tomcat/site/trunk/docs/security-9.html Thu Aug 10 22:01:13 2017
@@ -210,6 +210,9 @@
 <a href="#Apache_Tomcat_9.x_vulnerabilities">Apache Tomcat 9.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_9.0.0.M22">Fixed in Apache Tomcat 9.0.0.M22</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_9.0.0.M21">Fixed in Apache Tomcat 9.0.0.M21</a>
 </li>
 <li>
@@ -285,6 +288,57 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_9.0.0.M22">
+<span style="float: right;">26 June 2017</span> Fixed in Apache Tomcat 9.0.0.M22</h3>
+<div class="text">
+
+    
+<p>
+<strong>Important: Security Constraint Bypass</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7675" rel="nofollow">CVE-2017-7675</a>
+</p>
+
+    
+<p>The HTTP/2 implementation bypassed a number of security checks that
+       prevented directory traversal attacks. It was therefore possible to
+       bypass security constraints using an specially crafted URL.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1796090">1796090</a>.</p>
+
+    
+<p>The issue was originally reported as a failure to process URL path
+       parameters in bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61120">61120</a> on 24 May 2017. The full implications
+       of this issue were identified by the Tomcat Security Team the same day.
+       This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 9.0.0.M1 to 9.0.0.M21</p>
+
+    
+<p>
+<strong>Moderate: Cache Poisoning</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674" rel="nofollow">CVE-2017-7674</a>
+</p>
+
+    
+<p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1795813">1795813</a>.</p>
+
+    
+<p>The issue was reported as bug <a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=61101">61101</a> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    
+<p>Affects: 9.0.0.M1 to 9.0.0.M21</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_9.0.0.M21">
 <span style="float: right;">10 May 2017</span> Fixed in Apache Tomcat 9.0.0.M21</h3>
 <div class="text">

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Thu Aug 10 22:01:13 2017
@@ -50,6 +50,25 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 7.0.79" rtext="1 July 2017">
+
+    <p><strong>Moderate: Cache Poisoning</strong>
+       <cve>CVE-2017-7674</cve></p>
+
+    <p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    <p>This was fixed in revision <revlink rev="1795816">1795816</revlink>.</p>
+
+    <p>The issue was reported as bug <bug>61101</bug> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 7.0.41 to 7.0.78</p>
+
+  </section>
+
   <section name="Fixed in Apache Tomcat 7.0.78" rtext="16 May 2017">
   
     <p><strong>Important: Security Constraint Bypass</strong>

Modified: tomcat/site/trunk/xdocs/security-8.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Thu Aug 10 22:01:13 2017
@@ -50,6 +50,60 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 8.0.45" rtext="1 July 2017">
+
+    <p><strong>Moderate: Cache Poisoning</strong>
+       <cve>CVE-2017-7674</cve></p>
+
+    <p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    <p>This was fixed in revision <revlink rev="1795815">1795815</revlink>.</p>
+
+    <p>The issue was reported as bug <bug>61101</bug> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 8.0.0.RC1 to 8.0.44</p>
+
+  </section>
+
+  <section name="Fixed in Apache Tomcat 8.5.16" rtext="26 June 2017">
+
+    <p><strong>Important: Security Constraint Bypass</strong>
+       <cve>CVE-2017-7675</cve></p>
+
+    <p>The HTTP/2 implementation bypassed a number of security checks that
+       prevented directory traversal attacks. It was therefore possible to
+       bypass security constraints using an specially crafted URL.</p>
+
+    <p>This was fixed in revision <revlink rev="1796091">1796091</revlink>.</p>
+
+    <p>The issue was originally reported as a failure to process URL path
+       parameters in bug <bug>61120</bug> on 24 May 2017. The full implications
+       of this issue were identified by the Tomcat Security Team the same day.
+       This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 8.5.0 to 8.5.15</p>
+
+    <p><strong>Moderate: Cache Poisoning</strong>
+       <cve>CVE-2017-7674</cve></p>
+
+    <p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    <p>This was fixed in revision <revlink rev="1795814">1795814</revlink>.</p>
+
+    <p>The issue was reported as bug <bug>61101</bug> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 8.5.0 to 8.5.15</p>
+
+  </section>
+
   <section name="Fixed in Apache Tomcat 8.0.44" rtext="16 May 2017">
   
     <p><strong>Important: Security Constraint Bypass</strong>

Modified: tomcat/site/trunk/xdocs/security-9.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-9.xml?rev=1804734&r1=1804733&r2=1804734&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-9.xml (original)
+++ tomcat/site/trunk/xdocs/security-9.xml Thu Aug 10 22:01:13 2017
@@ -50,6 +50,41 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 9.0.0.M22" rtext="26 June 2017">
+
+    <p><strong>Important: Security Constraint Bypass</strong>
+       <cve>CVE-2017-7675</cve></p>
+
+    <p>The HTTP/2 implementation bypassed a number of security checks that
+       prevented directory traversal attacks. It was therefore possible to
+       bypass security constraints using an specially crafted URL.</p>
+
+    <p>This was fixed in revision <revlink rev="1796090">1796090</revlink>.</p>
+
+    <p>The issue was originally reported as a failure to process URL path
+       parameters in bug <bug>61120</bug> on 24 May 2017. The full implications
+       of this issue were identified by the Tomcat Security Team the same day.
+       This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 9.0.0.M1 to 9.0.0.M21</p>
+
+    <p><strong>Moderate: Cache Poisoning</strong>
+       <cve>CVE-2017-7674</cve></p>
+
+    <p>The CORS Filter did not an HTTP Vary header indicating that the response
+       varies depending on Origin. This permitted client and server side cache
+       poisoning in some circumstances.</p>
+
+    <p>This was fixed in revision <revlink rev="1795813">1795813</revlink>.</p>
+
+    <p>The issue was reported as bug <bug>61101</bug> on 16 May 2017. The full
+       implications of this issue were identified by the Tomcat Security Team
+       the same day. This issue was made public on 10 August 2017.</p>
+
+    <p>Affects: 9.0.0.M1 to 9.0.0.M21</p>
+
+  </section>
+
   <section name="Fixed in Apache Tomcat 9.0.0.M21" rtext="10 May 2017">
   
     <p><strong>Important: Security Constraint Bypass</strong>



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Loading...