CLSA-2024-1705081413

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2024-1705081413

Upstream

CVE-2023-46589

Published

2024-01-12T17:43:37Z

Modified

2026-06-04T09:45:50.623105568Z

Summary

Fix CVE(s): CVE-2023-46589

Details

SECURITY UPDATE: Request smuggling
- debian/patches/CVE-2023-46589-pre1.patch: Correct a regression in the error page handling that prevented error pages from issuing redirects or taking other action that required the response status code to be changed
- debian/patches/CVE-2023-46589-pre2.patch: Align processing of trailer headers with standard processing
- debian/patches/CVE-2023-46589-pre3.patch: Differentiate request cancellation from a bad request
- debian/patches/CVE-2023-46589-pre4.patch: Use application provided status code for error page if present
- debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling
- CVE-2023-46589
Internal tests:
- debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs
- debian/patches/0101-skipping-tests-incompatible-with-firewall.patch: Skipping tests incompatible with the firewall settings of the build system
- debian/test_certs/user1.jks: Update the keystore file from the upstream branch 8.5.x

References

https://errata.cloudlinux.com/ubuntu18_04-els/CLSA-2024-1705081413

Affected packages

TuxCare:Ubuntu:18.04

libtomcat8-embed-java

Package

Name: libtomcat8-embed-java
Purl: pkg:deb/tuxcare/libtomcat8-embed-java?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

libtomcat8-java

Package

Name: libtomcat8-java
Purl: pkg:deb/tuxcare/libtomcat8-java?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8

Package

Name: tomcat8
Purl: pkg:deb/tuxcare/tomcat8?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8-admin

Package

Name: tomcat8-admin
Purl: pkg:deb/tuxcare/tomcat8-admin?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8-common

Package

Name: tomcat8-common
Purl: pkg:deb/tuxcare/tomcat8-common?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8-docs

Package

Name: tomcat8-docs
Purl: pkg:deb/tuxcare/tomcat8-docs?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8-examples

Package

Name: tomcat8-examples
Purl: pkg:deb/tuxcare/tomcat8-examples?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"

tomcat8-user

Package

Name: tomcat8-user
Purl: pkg:deb/tuxcare/tomcat8-user?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8.5.39-1ubuntu1~18.04.3+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1705081413.json"