Bugzilla – Bug 1082480
VUL-0: CVE-2018-1304: tomcat, tomcat6: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources
Last modified: 2019-06-06 11:46:10 UTC
rh#1548289 Apache Tomcat versions 7.0.0 to 7.0.84, 8.0.0.RC1 to 8.0.49 and 8.5.0 to 8.5.27 do not properly handle the URL empty string ("") when used as part of a security constraint definition. This can lead to the security constraint being ignored, leading to unintended exposure of resources.

External References:
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28

Upstream Bug Report:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62067

Upstream Fixes:
Tomcat 7.0.x: http://svn.apache.org/viewvc?view=rev&rev=1823309
Tomcat 8.0.x: http://svn.apache.org/viewvc?view=rev&rev=1814827
Tomcat 8.5.x: http://svn.apache.org/viewvc?view=rev&rev=1823307

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1548289
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1304
http://seclists.org/oss-sec/2018/q1/175
The correct Tomcat 8.0.x commit is: http://svn.apache.org/viewvc?view=revision&revision=1823308
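As an added example (not code from the bug report, SUSE, or Tomcat), a small audit that scans a web.xml for security constraints whose url-pattern is the empty string, the configuration the report says affected releases ignore, and checks a Tomcat version string against the affected ranges quoted above. The web.xml content is constructed for the example.

```python
# Added example, not from the bug report or Tomcat: flag <security-constraint>
# entries with an empty <url-pattern> (ignored by affected Tomcat releases) and
# check a version string against the affected ranges quoted in the report.
import xml.etree.ElementTree as ET

# Constructed sample web.xml: one constraint covers "" (the context root), one "/admin/*".
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Context root</web-resource-name>
      <url-pattern></url-pattern>
    </web-resource-collection>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Admin area</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
  </security-constraint>
</web-app>"""

def _local(tag):
    # Drop the XML namespace so the scan works for any web-app schema version.
    return tag.rsplit("}", 1)[-1]

def find_empty_url_patterns(web_xml_text):
    """Return the web-resource-name of each collection that has an empty url-pattern."""
    flagged = []
    for sc in ET.fromstring(web_xml_text).iter():
        if _local(sc.tag) != "security-constraint":
            continue
        for wrc in sc:
            if _local(wrc.tag) != "web-resource-collection":
                continue
            name = next((c.text or "" for c in wrc if _local(c.tag) == "web-resource-name"), "")
            if any(_local(p.tag) == "url-pattern" and not (p.text or "").strip() for p in wrc):
                flagged.append(name)
    return flagged

# Version ranges taken from the report; "8.0.0.RC1" parses as 8.0.0.
AFFECTED = [((7, 0, 0), (7, 0, 84)), ((8, 0, 0), (8, 0, 49)), ((8, 5, 0), (8, 5, 27))]

def tomcat_version_affected(version):
    """True if the leading numeric components of a version string fall in an affected range."""
    nums = []
    for piece in version.split("."):
        if not piece.isdigit():
            break
        nums.append(int(piece))
    v = tuple((nums + [0, 0, 0])[:3])
    return any(lo <= v <= hi for lo, hi in AFFECTED)
```

A flagged constraint on an affected release is not enforced for the context root; upgrading to the fixed releases listed above is the remedy.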
SUSE-SU-2018:0817-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1078677,1082480,1082481
CVE References: CVE-2017-15706,CVE-2018-1304,CVE-2018-1305
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): tomcat-8.0.50-29.8.2
SUSE Linux Enterprise Server 12-SP3 (src): tomcat-8.0.50-29.8.2
SUSE Linux Enterprise Server 12-SP2 (src): tomcat-8.0.50-29.8.2
openSUSE-SU-2018:0852-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1078677,1082480,1082481
CVE References: CVE-2017-15706,CVE-2018-1304,CVE-2018-1305
Sources used:
openSUSE Leap 42.3 (src): tomcat-8.0.50-12.1
SUSE-SU-2018:1847-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1042910,1082480
CVE References: CVE-2017-5664,CVE-2018-1304
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src): tomcat6-6.0.53-0.57.7.1
SUSE-SU-2018:3261-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1078677,1082480,1082481,1093697,1102379,1102400,1110850
CVE References: CVE-2017-15706,CVE-2018-11784,CVE-2018-1304,CVE-2018-1305,CVE-2018-1336,CVE-2018-8014,CVE-2018-8034
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src): tomcat-7.0.90-7.23.1
SUSE-SU-2018:3388-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1078677,1082480,1082481,1093697,1102379,1102400,1102410,1110850
CVE References: CVE-2017-15706,CVE-2018-11784,CVE-2018-1304,CVE-2018-1305,CVE-2018-1336,CVE-2018-8014,CVE-2018-8034,CVE-2018-8037
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src): tomcat-8.0.53-10.35.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src): tomcat-8.0.53-10.35.1
done