tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1749643 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml
Date Wed, 22 Jun 2016 09:36:34 GMT
Author: markt
Date: Wed Jun 22 09:36:34 2016
New Revision: 1749643

URL: http://svn.apache.org/viewvc?rev=1749643&view=rev
Log:
Add details of CVE-2016-3092

Modified:
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/docs/security-8.html
    tomcat/site/trunk/docs/security-9.html
    tomcat/site/trunk/xdocs/security-7.xml
    tomcat/site/trunk/xdocs/security-8.xml
    tomcat/site/trunk/xdocs/security-9.xml

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Wed Jun 22 09:36:34 2016
@@ -219,6 +219,9 @@
 <a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.70">Fixed in Apache Tomcat 7.0.70</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_7.0.68">Fixed in Apache Tomcat 7.0.68</a>
 </li>
 <li>
@@ -354,6 +357,38 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_7.0.70">
+<span style="float: right;">20 June 2016</span> Fixed in Apache Tomcat 7.0.70</h3>
+<div class="text">
+  
+    
+<p>
+<strong>Moderate: Denial of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092" rel="nofollow">CVE-2016-3092</a>
+</p>
+
+    
+<p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1743742">1743742</a>.</p>
+
+    
+<p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    
+<p>Affects: 7.0.0 to 7.0.69</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_7.0.68">
 <span style="float: right;">16 February 2016</span> Fixed in Apache Tomcat 7.0.68</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/security-8.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Wed Jun 22 09:36:34 2016
@@ -219,6 +219,9 @@
 <a href="#Apache_Tomcat_8.x_vulnerabilities">Apache Tomcat 8.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_8.5.3_and_8.0.36">Fixed in Apache Tomcat 8.5.3 and
8.0.36</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_8.0.32">Fixed in Apache Tomcat 8.0.32</a>
 </li>
 <li>
@@ -300,6 +303,40 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_8.5.3_and_8.0.36">
+<span style="float: right;">13 June 2016</span> Fixed in Apache Tomcat 8.5.3
and 8.0.36</h3>
+<div class="text">
+  
+    
+<p>
+<strong>Moderate: Denial of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092" rel="nofollow">CVE-2016-3092</a>
+</p>
+
+    
+<p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1743722">1743722</a>
for
+       8.5.x and revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1743738">1743738</a>
for
+       8.0.x.</p>
+
+    
+<p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    
+<p>Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_8.0.32">
 <span style="float: right;">8 February 2016</span> Fixed in Apache Tomcat 8.0.32</h3>
 <div class="text">

Modified: tomcat/site/trunk/docs/security-9.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-9.html?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-9.html (original)
+++ tomcat/site/trunk/docs/security-9.html Wed Jun 22 09:36:34 2016
@@ -219,6 +219,9 @@
 <a href="#Apache_Tomcat_9.x_vulnerabilities">Apache Tomcat 9.x vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_9.0.0.M8">Fixed in Apache Tomcat 9.0.0.M8</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_9.0.0.M3">Fixed in Apache Tomcat 9.0.0.M3</a>
 </li>
 </ul>
@@ -270,6 +273,47 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_9.0.0.M8">
+<span style="float: right;">13 June 2016</span> Fixed in Apache Tomcat 9.0.0.M8</h3>
+<div class="text">
+  
+    
+<p>
+<i>Note: The issue below was fixed in Apache Tomcat 9.0.0.M7 but the
+       release vote for the 9.0.0.M7 release candidate did not pass. Therefore,
+       although users must download 9.0.0.M8 to obtain a version that includes
+       fixes for these issues, version 9.0.0.M7 is not included in the list of
+       affected versions.</i>
+</p>
+  
+    
+<p>
+<strong>Moderate: Denial of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092" rel="nofollow">CVE-2016-3092</a>
+</p>
+
+    
+<p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&amp;rev=1743700">1743700</a>.</p>
+
+    
+<p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    
+<p>Affects: 9.0.0.M1 to 9.0.0.M6</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_9.0.0.M3">
 <span style="float: right;">5 January 2016</span> Fixed in Apache Tomcat 9.0.0.M3</h3>
 <div class="text">

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Wed Jun 22 09:36:34 2016
@@ -50,6 +50,29 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 7.0.70" rtext="20 June 2016">
+  
+    <p><strong>Moderate: Denial of Service</strong>
+       <cve>CVE-2016-3092</cve></p>
+
+    <p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    <p>This was fixed in revision <revlink rev="1743742">1743742</revlink>.</p>
+
+    <p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    <p>Affects: 7.0.0 to 7.0.69</p>
+
+  </section>
+  
   <section name="Fixed in Apache Tomcat 7.0.68" rtext="16 February 2016">
 
     <p><strong>Low: Directory disclosure</strong>

Modified: tomcat/site/trunk/xdocs/security-8.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Wed Jun 22 09:36:34 2016
@@ -50,6 +50,31 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 8.5.3 and 8.0.36" rtext="13 June 2016">
+  
+    <p><strong>Moderate: Denial of Service</strong>
+       <cve>CVE-2016-3092</cve></p>
+
+    <p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    <p>This was fixed in revision <revlink rev="1743722">1743722</revlink>
for
+       8.5.x and revision <revlink rev="1743738">1743738</revlink> for
+       8.0.x.</p>
+
+    <p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    <p>Affects: 8.5.0 to 8.5.2, 8.0.0.RC1 to 8.0.35</p>
+
+  </section>
+  
   <section name="Fixed in Apache Tomcat 8.0.32" rtext="8 February 2016">
 
   <p><i>Note: The issues below were fixed in Apache Tomcat 8.0.31 but the

Modified: tomcat/site/trunk/xdocs/security-9.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-9.xml?rev=1749643&r1=1749642&r2=1749643&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-9.xml (original)
+++ tomcat/site/trunk/xdocs/security-9.xml Wed Jun 22 09:36:34 2016
@@ -50,6 +50,35 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 9.0.0.M8" rtext="13 June 2016">
+  
+    <p><i>Note: The issue below was fixed in Apache Tomcat 9.0.0.M7 but the
+       release vote for the 9.0.0.M7 release candidate did not pass. Therefore,
+       although users must download 9.0.0.M8 to obtain a version that includes
+       fixes for these issues, version 9.0.0.M7 is not included in the list of
+       affected versions.</i></p>
+  
+    <p><strong>Moderate: Denial of Service</strong>
+       <cve>CVE-2016-3092</cve></p>
+
+    <p>Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to
+       implement the file upload requirements of the Servlet specification. A
+       denial of service vulnerability was identified in Commons FileUpload that
+       occurred when the length of the multipart boundary was just below the
+       size of the buffer (4096 bytes) used to read the uploaded file. This
+       caused the file upload process to take several orders of magnitude
+       longer than if the boundary was the typical tens of bytes long.</p>
+
+    <p>This was fixed in revision <revlink rev="1743700">1743700</revlink>.</p>
+
+    <p>This issue was identified by the TERASOLUNA Framework Development Team
+       and reported to the Apache Commons team via JPCERT on 9 May 2016. It was
+       made public on 21 June 2016.</p>
+
+    <p>Affects: 9.0.0.M1 to 9.0.0.M6</p>
+
+  </section>
+  
   <section name="Fixed in Apache Tomcat 9.0.0.M3" rtext="5 January 2016">
   
     <p><strong>Moderate: Security Manager bypass</strong>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message