Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/02/06 12:32:14 UTC
svn commit: r1565181 - in /tomcat/site/trunk: build.xml docs/security-7.html docs/security-8.html xdocs/security-7.xml xdocs/security-8.xml
Author: markt
Date: Thu Feb 6 11:32:14 2014
New Revision: 1565181
URL: http://svn.apache.org/r1565181
Log:
Add details for CVE-2014-0050
Modified:
tomcat/site/trunk/build.xml
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/xdocs/security-7.xml
tomcat/site/trunk/xdocs/security-8.xml
Modified: tomcat/site/trunk/build.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/build.xml (original)
+++ tomcat/site/trunk/build.xml Thu Feb 6 11:32:14 2014
@@ -211,4 +211,9 @@
<available file="${destfile}" property="exist"/>
</target>
+ <target name="fixeol">
+ <fixcrlf srcdir="${docs.dest}/tomcat-6.0-doc" eol="crlf"
+ encoding="ISO-8859-1" fixlast="false" >
+ </fixcrlf>
+ </target>
</project>
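Review bot: the `fixcrlf` task in the new `fixeol` target has no file pattern, so it will rewrite every file under `${docs.dest}/tomcat-6.0-doc` to CRLF line endings, reading and writing it as ISO-8859-1, whatever the file actually is; give it an explicit `includes` such as `includes="**/*.html"` or leave the target out. The target also has nothing to do with the `Add details for CVE-2014-0050` log message, which is the usual sign of a local change committed by accident; if it is wanted at all it belongs in its own commit.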
Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Thu Feb 6 11:32:14 2014
@@ -200,6 +200,9 @@
<a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x vulnerabilities</a>
</li>
<li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.51">Fixed in Apache Tomcat 7.0.51</a>
+</li>
+<li>
<a href="#Fixed_in_Apache_Tomcat_7.0.40">Fixed in Apache Tomcat 7.0.40</a>
</li>
<li>
@@ -305,6 +308,41 @@
</div>
+<h3 id="Fixed_in_Apache_Tomcat_7.0.51">
+<span style="float: right;">not yet released</span> Fixed in Apache Tomcat 7.0.51</h3>
+<div class="text">
+
+
+<p>
+<strong>Important: Denial of Service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050" rel="nofollow">CVE-2014-0050</a>
+</p>
+
+
+<p>It was possible to craft a malformed Content-Type header for a multipart
+ request that caused Apache Tomcat to enter an infinite loop. A malicious
+ user could, therefore, craft a malformed request that triggered a denial
+ of service.</p>
+
+
+<p>The root cause of this error was a bug in Apache Commons FileUpload.
+ Tomcat 7 uses a packaged renamed copy of Apache Commons FileUpload to
+ implement the requirement of the Servlet 3.0 specification to support the
+ processing of mime-multipart requests. Tomcat 7 was therefore affected by
+ this issue.</p>
+
+
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&rev=1565169">1565169</a>.</p>
+
+
+<p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+ and accidently made public on 06 Feb 2014.</p>
+
+
+<p>Affects: 8.0.0-RC1-8.0.1</p>
+
+
+</div>
<h3 id="Fixed_in_Apache_Tomcat_7.0.40">
<span style="float: right;">released 9 May 2013</span> Fixed in Apache Tomcat 7.0.40</h3>
<div class="text">
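Review bot: `Affects: 8.0.0-RC1-8.0.1` is the Tomcat 8 range pasted into the Tomcat 7 page. This section is headed `Fixed in Apache Tomcat 7.0.51`, so the line has to give the affected 7.x versions, ending at 7.0.50; the lower bound is not stated anywhere in this commit and needs checking against the 7.0.x history before it is published. Also `accidently` should read `accidentally`. Both fixes belong in `xdocs/security-7.xml`, with this HTML regenerated from it, since the `docs/` file mirrors the `xdocs/` source line for line.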
Modified: tomcat/site/trunk/docs/security-8.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Thu Feb 6 11:32:14 2014
@@ -200,7 +200,7 @@
<a href="#Apache_Tomcat_8.x_vulnerabilities">Apache Tomcat 8.x vulnerabilities</a>
</li>
<li>
-<a href="#Fixed_in_Apache_Tomcat_8.0.0-RC1">Fixed in Apache Tomcat 8.0.0-RC1</a>
+<a href="#Fixed_in_Apache_Tomcat_8.0.2">Fixed in Apache Tomcat 8.0.2</a>
</li>
<li>
<a href="#Not_a_vulnerability_in_Tomcat">Not a vulnerability in Tomcat</a>
@@ -254,13 +254,39 @@
</div>
-<h3 id="Fixed_in_Apache_Tomcat_8.0.0-RC1">
-<span style="float: right;">released 5 August 2013</span> Fixed in Apache Tomcat 8.0.0-RC1</h3>
+<h3 id="Fixed_in_Apache_Tomcat_8.0.2">
+<span style="float: right;">not yet released</span> Fixed in Apache Tomcat 8.0.2</h3>
<div class="text">
-<p>No reports</p>
+<p>
+<strong>Important: Denial of Service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050" rel="nofollow">CVE-2014-0050</a>
+</p>
+
+<p>It was possible to craft a malformed Content-Type header for a multipart
+ request that caused Apache Tomcat to enter an infinite loop. A malicious
+ user could, therefore, craft a malformed request that triggered a denial
+ of service.</p>
+
+
+<p>The root cause of this error was a bug in Apache Commons FileUpload.
+ Tomcat 8 uses a packaged renamed copy of Apache Commons FileUpload to
+ implement the requirement of the Servlet 3.0 and later specifications to
+ support the processing of mime-multipart requests. Tomcat 8 was therefore
+ affected by this issue.</p>
+
+
+<p>This was fixed in revision <a href="http://svn.apache.org/viewvc?view=rev&rev=1565163">1565163</a>.</p>
+
+
+<p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+ and accidently made public on 06 Feb 2014.</p>
+
+
+<p>Affects: 8.0.0-RC1-8.0.1</p>
+
</div>
<h3 id="Not_a_vulnerability_in_Tomcat">Not a vulnerability in Tomcat</h3>
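Review bot: `accidently` in the disclosure paragraph should be `accidentally`. In `Affects: 8.0.0-RC1-8.0.1` the hyphen separating the two versions is the same character as the one inside `8.0.0-RC1`, so the range is easy to misread; `8.0.0-RC1 to 8.0.1` is unambiguous. Make the same change in `xdocs/security-8.xml`, which this file mirrors.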
Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Thu Feb 6 11:32:14 2014
@@ -50,6 +50,31 @@
</section>
+ <section name="Fixed in Apache Tomcat 7.0.51" rtext="not yet released">
+
+ <p><strong>Important: Denial of Service</strong>
+ <cve>CVE-2014-0050</cve></p>
+
+ <p>It was possible to craft a malformed Content-Type header for a multipart
+ request that caused Apache Tomcat to enter an infinite loop. A malicious
+ user could, therefore, craft a malformed request that triggered a denial
+ of service.</p>
+
+ <p>The root cause of this error was a bug in Apache Commons FileUpload.
+ Tomcat 7 uses a packaged renamed copy of Apache Commons FileUpload to
+ implement the requirement of the Servlet 3.0 specification to support the
+ processing of mime-multipart requests. Tomcat 7 was therefore affected by
+ this issue.</p>
+
+ <p>This was fixed in revision <revlink rev="1565169">1565169</revlink>.</p>
+
+ <p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+ and accidently made public on 06 Feb 2014.</p>
+
+ <p>Affects: 8.0.0-RC1-8.0.1</p>
+
+ </section>
+
<section name="Fixed in Apache Tomcat 7.0.40" rtext="released 9 May 2013">
<p><strong>Moderate: Information disclosure</strong>
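Review bot: same problem as in the generated `docs/security-7.html`, and this is the file to fix it in: `Affects: 8.0.0-RC1-8.0.1` is the Tomcat 8 range and should be replaced with the affected 7.x versions ending at 7.0.50 (the lower bound is not given in this commit), and `accidently` should be `accidentally`.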
Modified: tomcat/site/trunk/xdocs/security-8.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Thu Feb 6 11:32:14 2014
@@ -50,10 +50,29 @@
</section>
- <section name="Fixed in Apache Tomcat 8.0.0-RC1" rtext="released 5 August 2013">
+ <section name="Fixed in Apache Tomcat 8.0.2" rtext="not yet released">
- <p>No reports</p>
+ <p><strong>Important: Denial of Service</strong>
+ <cve>CVE-2014-0050</cve></p>
+
+ <p>It was possible to craft a malformed Content-Type header for a multipart
+ request that caused Apache Tomcat to enter an infinite loop. A malicious
+ user could, therefore, craft a malformed request that triggered a denial
+ of service.</p>
+ <p>The root cause of this error was a bug in Apache Commons FileUpload.
+ Tomcat 8 uses a packaged renamed copy of Apache Commons FileUpload to
+ implement the requirement of the Servlet 3.0 and later specifications to
+ support the processing of mime-multipart requests. Tomcat 8 was therefore
+ affected by this issue.</p>
+
+ <p>This was fixed in revision <revlink rev="1565163">1565163</revlink>.</p>
+
+ <p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+ and accidently made public on 06 Feb 2014.</p>
+
+ <p>Affects: 8.0.0-RC1-8.0.1</p>
+
</section>
<section name="Not a vulnerability in Tomcat">
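Review bot: `accidently` should be `accidentally`, and `8.0.0-RC1-8.0.1` reads more clearly as `8.0.0-RC1 to 8.0.1`; this is the source file for `docs/security-8.html`, so fix it here and regenerate. Minor: the blank line between the first two `<p>` elements that `security-7.xml` has is missing here.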
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: svn commit: r1565181 - in /tomcat/site/trunk: build.xml docs/security-7.html docs/security-8.html xdocs/security-7.xml xdocs/security-8.xml
Posted by Mark Thomas <ma...@apache.org>.
On 06/02/2014 11:50, Konstantin Kolinko wrote:
> 2014-02-06 <ma...@apache.org>:
>> Author: markt
>> Date: Thu Feb 6 11:32:14 2014
>> New Revision: 1565181
>>
>> URL: http://svn.apache.org/r1565181
>> Log:
>> Add details for CVE-2014-0050
>>
>> Modified:
>> tomcat/site/trunk/build.xml
>> tomcat/site/trunk/docs/security-7.html
>> tomcat/site/trunk/docs/security-8.html
>> tomcat/site/trunk/xdocs/security-7.xml
>> tomcat/site/trunk/xdocs/security-8.xml
>>
>> Modified: tomcat/site/trunk/build.xml
>> URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
>> ==============================================================================
>> --- tomcat/site/trunk/build.xml (original)
>> +++ tomcat/site/trunk/build.xml Thu Feb 6 11:32:14 2014
>> @@ -211,4 +211,9 @@
>> <available file="${destfile}" property="exist"/>
>> </target>
>>
>> + <target name="fixeol">
>> + <fixcrlf srcdir="${docs.dest}/tomcat-6.0-doc" eol="crlf"
>> + encoding="ISO-8859-1" fixlast="false" >
>
> -1. Broken/dangerous.
> You are missing file name pattern here.
>
> (A proper fix should go into 6.0.x dist.xml)
Sorry. That was a local hack I never intended to commit. I'll revert it.
Mark
Re: svn commit: r1565181 - in /tomcat/site/trunk: build.xml docs/security-7.html docs/security-8.html xdocs/security-7.xml xdocs/security-8.xml
Posted by Konstantin Kolinko <kn...@gmail.com>.
2014-02-06 <ma...@apache.org>:
> Author: markt
> Date: Thu Feb 6 11:32:14 2014
> New Revision: 1565181
>
> URL: http://svn.apache.org/r1565181
> Log:
> Add details for CVE-2014-0050
>
> Modified:
> tomcat/site/trunk/build.xml
> tomcat/site/trunk/docs/security-7.html
> tomcat/site/trunk/docs/security-8.html
> tomcat/site/trunk/xdocs/security-7.xml
> tomcat/site/trunk/xdocs/security-8.xml
>
> Modified: tomcat/site/trunk/build.xml
> URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
> ==============================================================================
> --- tomcat/site/trunk/build.xml (original)
> +++ tomcat/site/trunk/build.xml Thu Feb 6 11:32:14 2014
> @@ -211,4 +211,9 @@
> <available file="${destfile}" property="exist"/>
> </target>
>
> + <target name="fixeol">
> + <fixcrlf srcdir="${docs.dest}/tomcat-6.0-doc" eol="crlf"
> + encoding="ISO-8859-1" fixlast="false" >
-1. Broken/dangerous.
You are missing file name pattern here.
(A proper fix should go into 6.0.x dist.xml)
> + </fixcrlf>
> + </target>
> </project>
>
> Modified: tomcat/site/trunk/docs/security-7.html
> URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1565181&r1=1565180&r2=1565181&view=diff
> ==============================================================================
> --- tomcat/site/trunk/docs/security-7.html (original)
> +++ tomcat/site/trunk/docs/security-7.html Thu Feb 6 11:32:14 2014
> </div>
> +<h3 id="Fixed_in_Apache_Tomcat_7.0.51">
> +<span style="float: right;">not yet released</span> Fixed in Apache Tomcat 7.0.51</h3>
> +<div class="text">
>(...)
> +
> +<p>Affects: 8.0.0-RC1-8.0.1</p>
This is a page for Tomcat 7.
> +
> +
> +</div>
> <h3 id="Fixed_in_Apache_Tomcat_7.0.40">
> <span style="float: right;">released 9 May 2013</span> Fixed in Apache Tomcat 7.0.40</h3>
> <div class="text">
>
> Modified: tomcat/site/trunk/docs/security-8.html
> URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1565181&r1=1565180&r2=1565181&view=diff
> ==============================================================================
> --- tomcat/site/trunk/docs/security-8.html (original)
> +++ tomcat/site/trunk/docs/security-8.html Thu Feb 6 11:32:14 2014
OK.
Best regards,
Konstantin Kolinko