DSA-3892 tomcat7 - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
Aniket Nandkishor Kulkarni discovered that in tomcat7, a servlet andJSP engine, static error pages used the original requests HTTP methodto serve content, instead of systematically using the GET method. Thiscould under certain conditions result in undesirable results,including the replacement or removal of the custom error page.
More info:
https://www.debian.org/security/2017/dsa-3892 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2017-5664 and DSA-3892. |