[Git][security-tracker-team/security-tracker][master] Add Debian bug references for tomcat issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 30 06:10:27 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
18b4c6f1 by Salvatore Bonaccorso at 2025-05-30T07:10:01+02:00
Add Debian bug references for tomcat issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -66,8 +66,8 @@ CVE-2025-46823 (openmrs-module-fhir2 provides the FHIR REST API and related serv
CVE-2025-46722 (vLLM is an inference and serving engine for large language models (LLM ...)
- vllm <itp> (bug #1095237)
CVE-2025-46701 (Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's ...)
- - tomcat11 <unfixed>
- - tomcat10 <unfixed>
+ - tomcat11 <unfixed> (bug #1106821)
+ - tomcat10 <unfixed> (bug #1106820)
- tomcat9 9.0.70-2
[bullseye] - tomcat9 <postponed> (Minor issue, unlikely access control bypass, fix along with next DLA)
NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server stack, using that as the fixed version
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18b4c6f17c8a3945eee784b940ec011a8bd00a02
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18b4c6f17c8a3945eee784b940ec011a8bd00a02
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250530/c6dfeb4b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list