Chapter 4. Security Fixes
This update includes fixes for the following security related issues:
ID | Impact | Summary |
---|---|---|
Moderate | tomcat: local privilege escalation | |
Low | tomcat: session fixation when using FORM authentication | |
Low | tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling | |
Low | tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling | |
Moderate | openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) |