CLSA-2026-1779893247

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1779893247

Upstream

CVE-2026-41284

CVE-2026-43512

CVE-2026-43513

CVE-2026-43514

CVE-2026-43515

Published

2026-05-27T14:47:32Z

Modified

2026-06-04T10:04:24.274977925Z

Summary

Fix of 5 CVEs

Details

SECURITY UPDATE: add case sensitive attribute to LockOutRealm
- debian/patches/CVE-2026-43513.patch: add case sensitive attribute to LockOutRealm
- CVE-2026-43513
SECURITY UPDATE: fix the handling of invalid users with DIGEST authentication
- debian/patches/CVE-2026-43512.patch: fix the handling of invalid users with DIGEST authentication
- CVE-2026-43512
SECURITY UPDATE: switch AJP secret comparison to a constant time algorithm
- debian/patches/CVE-2026-43514.patch: switch AJP secret comparison to a constant time algorithm
- CVE-2026-43514
SECURITY UPDATE: ensure RealmBase finds all matching extension based constraints
- debian/patches/CVE-2026-43515.patch: ensure RealmBase finds all matching extension based constraints
- CVE-2026-43515
SECURITY UPDATE: add a configurable limit for WebDAV XML request bodies
- debian/patches/CVE-2026-41284.patch: add a configurable limit for WebDAV XML request bodies
- CVE-2026-41284

References

https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2026-1779893247.html

Affected packages

TuxCare:Ubuntu:16.04

libservlet3.0-java

Package

Name: libservlet3.0-java
Purl: pkg:deb/tuxcare/libservlet3.0-java?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

libservlet3.0-java-doc

Package

Name: libservlet3.0-java-doc
Purl: pkg:deb/tuxcare/libservlet3.0-java-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

libtomcat7-java

Package

Name: libtomcat7-java
Purl: pkg:deb/tuxcare/libtomcat7-java?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7

Package

Name: tomcat7
Purl: pkg:deb/tuxcare/tomcat7?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7-admin

Package

Name: tomcat7-admin
Purl: pkg:deb/tuxcare/tomcat7-admin?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7-common

Package

Name: tomcat7-common
Purl: pkg:deb/tuxcare/tomcat7-common?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7-docs

Package

Name: tomcat7-docs
Purl: pkg:deb/tuxcare/tomcat7-docs?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7-examples

Package

Name: tomcat7-examples
Purl: pkg:deb/tuxcare/tomcat7-examples?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"

tomcat7-user

Package

Name: tomcat7-user
Purl: pkg:deb/tuxcare/tomcat7-user?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1ubuntu0.4+tuxcare.els8

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1779893247.json"