Security Advisory Details

NS-SA-2021-0144

2021-09-24 11:21:17

Summary

important: freetype/tomcat security update

Severity

important

Topic

An update for freetype and tomcat is now available for NewStart CGSL MAIN 5.05 and CGSL CORE 5.05.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

freetype: FreeType is a font rendering engine used by applications that rasterize TrueType, OpenType and other font formats. The freetype-devel subpackage includes the static libraries and header files; install freetype-devel if you want to develop programs that use FreeType.
tomcat: Apache Tomcat is a servlet and JSP container. The tomcat-docs-webapp subpackage provides the documentation web application for Apache Tomcat.


Security Fix(es):
freetype: Heap buffer overflow in FreeType in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2020-15999) The underlying bug is in FreeType's loading of embedded PNG bitmap glyphs (fixed upstream in FreeType 2.10.4), so any application that renders untrusted fonts with the affected library is exposed, not only Chrome.
freetype: bugfix
tomcat: A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP request smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat from this vulnerability is to system availability. (CVE-2020-1935)
tomcat: The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. (CVE-2020-13935)
tomcat: When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window in which an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability. (CVE-2019-17563)
tomcat: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Note that the build tag for this update is 5.05.F11B5.

Affected Components

  • freetype
  • tomcat

Affected Products

  • CGSL MAIN 5.05
  • CGSL CORE 5.05

Update Packages

  • CGSL MAIN 5.05
    Source: freetype-2.8-14.el7_9.1.src.rpm
    Binaries: freetype-2.8-14.el7_9.1.x86_64.rpm, freetype-demos-2.8-14.el7_9.1.x86_64.rpm, freetype-devel-2.8-14.el7_9.1.x86_64.rpm
    Source: tomcat-7.0.76-16.el7_9.src.rpm
    Binaries: tomcat-7.0.76-16.el7_9.noarch.rpm, tomcat-lib-7.0.76-16.el7_9.noarch.rpm, tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm, tomcat-webapps-7.0.76-16.el7_9.noarch.rpm, tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm, tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm, tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm, tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm, tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm, tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm
  • CGSL CORE 5.05
    Source: freetype-2.8-14.el7_9.1.src.rpm
    Binaries: freetype-2.8-14.el7_9.1.x86_64.rpm, freetype-demos-2.8-14.el7_9.1.x86_64.rpm, freetype-devel-2.8-14.el7_9.1.x86_64.rpm
    Source: tomcat-7.0.76-16.el7_9.src.rpm
    Binaries: tomcat-7.0.76-16.el7_9.noarch.rpm, tomcat-lib-7.0.76-16.el7_9.noarch.rpm, tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm, tomcat-webapps-7.0.76-16.el7_9.noarch.rpm, tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm, tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm, tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm, tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm, tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm, tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm
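The practical question this package list answers is "is a given host still exposed?", and the answer depends on rpm version ordering (a release of 14.el7_9 sorts before 14.el7_9.1, and 15.el7_9 before 16.el7_9). The script below is an added example, not part of this advisory or of NewStart's tooling: it takes the fixed binary package names from the list above, parses `rpm -qa` style NAME-VERSION-RELEASE.ARCH lines, and flags every installed package that is older than the fixed build. The `rpm -qa` output embedded in it is constructed for illustration, the version comparison is a reimplementation of rpm's rpmvercmp ordering (the `^` operator is not handled), and epoch is assumed to be 0 on both sides, which holds for these freetype and tomcat packages.

```python
"""Audit rpm -qa output against the fixed package list in NS-SA-2021-0144."""
import re

# Binary packages named as fixed in the advisory; CGSL MAIN 5.05 and CGSL CORE 5.05 list the same set.
FIXED_PACKAGES = [
    "freetype-2.8-14.el7_9.1.x86_64.rpm",
    "freetype-demos-2.8-14.el7_9.1.x86_64.rpm",
    "freetype-devel-2.8-14.el7_9.1.x86_64.rpm",
    "tomcat-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-lib-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-webapps-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm",
    "tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm",
]

# Constructed sample of `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'` output
# (hypothetical host, not real data): two packages are behind the fix, two are current, one is unrelated.
SAMPLE_RPM_QA = """\
freetype-2.8-14.el7_9.x86_64
freetype-devel-2.8-14.el7_9.1.x86_64
tomcat-7.0.76-15.el7_9.noarch
tomcat-lib-7.0.76-16.el7_9.noarch
bash-4.2.46-34.el7.x86_64
"""

_DIGITS = re.compile(r"[0-9]+")
_ALPHA = re.compile(r"[A-Za-z]+")


def parse_nvra(s):
    """Split 'name-version-release.arch[.rpm]' into (name, version, release, arch).
    Name may contain dashes (tomcat-el-2.2-api); version and release never do, so split from the right."""
    if s.endswith(".rpm"):
        s = s[:-4]
    rest, arch = s.rsplit(".", 1)
    name, version, release = rest.rsplit("-", 2)
    return name, version, release, arch


def rpmvercmp(a, b):
    """Order two version or release strings like rpm's rpmvercmp: separators only delimit segments,
    digit runs compare numerically, alpha runs lexically, a numeric segment beats an alpha one,
    and '~' sorts before anything (so 1.0~rc1 < 1.0). Returns -1, 0 or 1."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not a[i].isalnum() and a[i] != "~":
            i += 1
        while j < len(b) and not b[j].isalnum() and b[j] != "~":
            j += 1
        ta = i < len(a) and a[i] == "~"
        tb = j < len(b) and b[j] == "~"
        if ta or tb:
            if not ta:
                return 1
            if not tb:
                return -1
            i += 1
            j += 1
            continue
        if i >= len(a) or j >= len(b):
            break
        pat = _DIGITS if a[i].isdigit() else _ALPHA  # segment type is decided by the left operand
        ma, mb = pat.match(a, i), pat.match(b, j)
        sa, sb = ma.group(0), (mb.group(0) if mb else "")
        i = ma.end()
        if not sb:
            return 1 if pat is _DIGITS else -1
        j = mb.end()
        if pat is _DIGITS:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def compare_vr(installed, fixed):
    """Compare (version, release) pairs; epoch is assumed to be 0 on both sides."""
    c = rpmvercmp(installed[0], fixed[0])
    return c if c else rpmvercmp(installed[1], fixed[1])


def audit(rpm_qa_output, fixed=FIXED_PACKAGES):
    """Return {name: (installed_vr, fixed_vr, status)} for every installed package the advisory names."""
    fixed_by_name = {}
    for pkg in fixed:
        n, v, r, _ = parse_nvra(pkg)
        fixed_by_name[n] = (v, r)
    report = {}
    for line in rpm_qa_output.splitlines():
        line = line.strip()
        if not line:
            continue
        n, v, r, _ = parse_nvra(line)
        if n not in fixed_by_name:
            continue  # package not covered by this advisory
        fv, fr = fixed_by_name[n]
        status = "needs-update" if compare_vr((v, r), (fv, fr)) < 0 else "patched"
        report[n] = (f"{v}-{r}", f"{fv}-{fr}", status)
    return report


if __name__ == "__main__":
    for name, (have, want, status) in sorted(audit(SAMPLE_RPM_QA).items()):
        print(f"{name:24} installed {have:18} fixed {want:18} {status}")
```

On a real host, feed the output of `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'` to `audit()` instead of the sample. Packages that are installed but not listed in the advisory are deliberately ignored, and a package that is absent from the host does not appear in the report at all, so an empty report means "nothing affected is installed", not "everything is patched".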

CVE

References