MGASA-2016-0260

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0260.html

Import Source

https://advisories.mageia.org/MGASA-2016-0260.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0260

Related

CVE-2016-3092

Published

2016-07-26T21:16:28Z

Modified

2016-07-26T21:09:33Z

Summary

Updated tomcat/apache-commons-fileupload packages fix security vulnerability

Details

The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload. A remote attacker can take advantage of this flaw by sending file upload requests that cause the HTTP server using the Apache Commons Fileupload library to become unresponsive, preventing the server from servicing other requests.

Tomcat contains a bundled copy of this library, so it has also been patched to fix this issue.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / tomcat

Package

Name: tomcat
Purl: pkg:rpm/mageia/tomcat?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.0.68-1.1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / apache-commons-fileupload

Package

Name: apache-commons-fileupload
Purl: pkg:rpm/mageia/apache-commons-fileupload?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.1-4.1.mga5

Ecosystem specific

{
    "section": "core"
}