Security Fix - CVE-2017-12617
Bug #1721749 reported by
sw
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
tomcat7 (Ubuntu) | ||||||
Trusty |
Fix Released
|
Undecided
|
Unassigned | |||
Xenial |
New
|
Undecided
|
Unassigned | |||
Artful |
Won't Fix
|
Undecided
|
Unassigned | |||
Bionic |
New
|
Undecided
|
Unassigned | |||
tomcat8 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | |||
Xenial |
Fix Released
|
Undecided
|
Unassigned | |||
Artful |
Fix Released
|
Undecided
|
Unassigned | |||
Bionic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Tomcat Versions earlier than 7.0.82, 8.0.47, 8.5.23 or 9.0.1 (beta) are containing the vulnerability
http://
The tomcat8 package in ubuntu xenial wasn't updated in the last month's so I don't think there was a backport of the fix.
CVE References
Changed in tomcat8 (Ubuntu): | |
status: | New → Triaged |
information type: | Private Security → Public Security |
no longer affects: | tomcat7 (Ubuntu) |
To post a comment you must log in.
fixed with 8.5.29-1 in bionic