Tomcat Vulnerabilities Fixed for Multiple Ubuntu OSes

A normal system update will solve these security issues

  Ubuntu 12.04 LTS desktop
On January 14 Canonical published in a security notice details about Tomcat vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

On January 14 Canonical published in a security notice details about Tomcat vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

According to Canonical, several security issues were fixed in Tomcat. It was discovered that Tomcat incorrectly performed certain security constraint checks in the FORM authenticator.

A remote attacker could possibly use this flaw with a specially-crafted URI to bypass security constraint checks.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest libtomcat7-java and libtomcat6-java packages, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.

Comments