Author: markt
Date: Thu Feb  6 11:32:14 2014
New Revision: 1565181

URL: http://svn.apache.org/r1565181
Log:
Add details for CVE-2014-0050

Modified:
    tomcat/site/trunk/build.xml
    tomcat/site/trunk/docs/security-7.html
    tomcat/site/trunk/docs/security-8.html
    tomcat/site/trunk/xdocs/security-7.xml
    tomcat/site/trunk/xdocs/security-8.xml

Modified: tomcat/site/trunk/build.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/build.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/build.xml (original)
+++ tomcat/site/trunk/build.xml Thu Feb  6 11:32:14 2014
@@ -211,4 +211,9 @@
     <available file="${destfile}" property="exist"/>
   </target>
 
+  <target name="fixeol">
+    <fixcrlf srcdir="${docs.dest}/tomcat-6.0-doc" eol="crlf"
+        encoding="ISO-8859-1" fixlast="false" >
+    </fixcrlf>
+  </target>
 </project>
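
Review bot: The new "fixeol" target is not covered by the log message ("Add details for CVE-2014-0050") and looks unrelated to the security page updates, so it should go in its own commit or at least be mentioned in the log. The target also hard-codes srcdir to "${docs.dest}/tomcat-6.0-doc" with eol="crlf" and has no description attribute or comment, which leaves it unclear why only the 6.0 docs need CRLF normalisation and when the target is meant to be run.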

Modified: tomcat/site/trunk/docs/security-7.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Thu Feb  6 11:32:14 2014
@@ -200,6 +200,9 @@
 <a href="#Apache_Tomcat_7.x_vulnerabilities">Apache Tomcat 7.x 
vulnerabilities</a>
 </li>
 <li>
+<a href="#Fixed_in_Apache_Tomcat_7.0.51">Fixed in Apache Tomcat 7.0.51</a>
+</li>
+<li>
 <a href="#Fixed_in_Apache_Tomcat_7.0.40">Fixed in Apache Tomcat 7.0.40</a>
 </li>
 <li>
@@ -305,6 +308,41 @@
 
   
 </div>
+<h3 id="Fixed_in_Apache_Tomcat_7.0.51">
+<span style="float: right;">not yet released</span> Fixed in Apache Tomcat 
7.0.51</h3>
+<div class="text">
+
+    
+<p>
+<strong>Important: Denial of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050"; 
rel="nofollow">CVE-2014-0050</a>
+</p>
+
+    
+<p>It was possible to craft a malformed Content-Type header for a multipart
+       request that caused Apache Tomcat to enter an infinite loop. A malicious
+       user could, therefore, craft a malformed request that triggered a denial
+       of service.</p>
+    
+    
+<p>The root cause of this error was a bug in Apache Commons FileUpload.
+       Tomcat 7 uses a packaged renamed copy of Apache Commons FileUpload to
+       implement the requirement of the Servlet 3.0 specification to support 
the
+       processing of mime-multipart requests. Tomcat 7 was therefore affected 
by
+       this issue.</p>
+
+    
+<p>This was fixed in revision <a 
href="http://svn.apache.org/viewvc?view=rev&amp;rev=1565169";>1565169</a>.</p>
+
+    
+<p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+       and accidently made public on 06 Feb 2014.</p>
+
+    
+<p>Affects: 8.0.0-RC1-8.0.1</p>
+
+  
+</div>
 <h3 id="Fixed_in_Apache_Tomcat_7.0.40">
 <span style="float: right;">released 9 May 2013</span> Fixed in Apache Tomcat 
7.0.40</h3>
 <div class="text">
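
Review bot: The "Affects: 8.0.0-RC1-8.0.1" line in the new "Fixed in Apache Tomcat 7.0.51" section gives a Tomcat 8 version range on the Tomcat 7 page; it appears to have been copied from the 8.x entry and should state the affected 7.0.x range. Since this file is generated output, the correction belongs in xdocs/security-7.xml followed by a rebuild. "accidently" in the disclosure paragraph should read "accidentally".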

Modified: tomcat/site/trunk/docs/security-8.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Thu Feb  6 11:32:14 2014
@@ -200,7 +200,7 @@
 <a href="#Apache_Tomcat_8.x_vulnerabilities">Apache Tomcat 8.x 
vulnerabilities</a>
 </li>
 <li>
-<a href="#Fixed_in_Apache_Tomcat_8.0.0-RC1">Fixed in Apache Tomcat 
8.0.0-RC1</a>
+<a href="#Fixed_in_Apache_Tomcat_8.0.2">Fixed in Apache Tomcat 8.0.2</a>
 </li>
 <li>
 <a href="#Not_a_vulnerability_in_Tomcat">Not a vulnerability in Tomcat</a>
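
Review bot: The table-of-contents entry for "#Fixed_in_Apache_Tomcat_8.0.0-RC1" is replaced here rather than a new entry being added above it, as was done for 7.0.51 on the 7.x page. Any existing link to the old anchor will stop resolving, so please confirm that dropping the 8.0.0-RC1 entry is intended and not a side effect of editing the section in place.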
@@ -254,13 +254,39 @@
 
   
 </div>
-<h3 id="Fixed_in_Apache_Tomcat_8.0.0-RC1">
-<span style="float: right;">released 5 August 2013</span> Fixed in Apache 
Tomcat 8.0.0-RC1</h3>
+<h3 id="Fixed_in_Apache_Tomcat_8.0.2">
+<span style="float: right;">not yet released</span> Fixed in Apache Tomcat 
8.0.2</h3>
 <div class="text">
 
     
-<p>No reports</p>
+<p>
+<strong>Important: Denial of Service</strong>
+       <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050"; 
rel="nofollow">CVE-2014-0050</a>
+</p>
+
     
+<p>It was possible to craft a malformed Content-Type header for a multipart
+       request that caused Apache Tomcat to enter an infinite loop. A malicious
+       user could, therefore, craft a malformed request that triggered a denial
+       of service.</p>
+    
+    
+<p>The root cause of this error was a bug in Apache Commons FileUpload.
+       Tomcat 8 uses a packaged renamed copy of Apache Commons FileUpload to
+       implement the requirement of the Servlet 3.0 and later specifications to
+       support the processing of mime-multipart requests. Tomcat 8 was 
therefore
+       affected by this issue.</p>
+
+    
+<p>This was fixed in revision <a 
href="http://svn.apache.org/viewvc?view=rev&amp;rev=1565163";>1565163</a>.</p>
+
+    
+<p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+       and accidently made public on 06 Feb 2014.</p>
+
+    
+<p>Affects: 8.0.0-RC1-8.0.1</p>
+
   
 </div>
 <h3 id="Not_a_vulnerability_in_Tomcat">Not a vulnerability in Tomcat</h3>
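
Review bot: "accidently" in the paragraph "and accidently made public on 06 Feb 2014" should be "accidentally"; the same spelling appears in every copy of this text in the commit, so fix it in the xdocs source and regenerate. The rewritten h3 also discards the "released 5 August 2013" note for 8.0.0-RC1, so the page no longer records that release at all.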

Modified: tomcat/site/trunk/xdocs/security-7.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Thu Feb  6 11:32:14 2014
@@ -50,6 +50,31 @@
 
   </section>
 
+  <section name="Fixed in Apache Tomcat 7.0.51" rtext="not yet released">
+
+    <p><strong>Important: Denial of Service</strong>
+       <cve>CVE-2014-0050</cve></p>
+
+    <p>It was possible to craft a malformed Content-Type header for a multipart
+       request that caused Apache Tomcat to enter an infinite loop. A malicious
+       user could, therefore, craft a malformed request that triggered a denial
+       of service.</p>
+    
+    <p>The root cause of this error was a bug in Apache Commons FileUpload.
+       Tomcat 7 uses a packaged renamed copy of Apache Commons FileUpload to
+       implement the requirement of the Servlet 3.0 specification to support 
the
+       processing of mime-multipart requests. Tomcat 7 was therefore affected 
by
+       this issue.</p>
+
+    <p>This was fixed in revision <revlink rev="1565169">1565169</revlink>.</p>
+
+    <p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+       and accidently made public on 06 Feb 2014.</p>
+
+    <p>Affects: 8.0.0-RC1-8.0.1</p>
+
+  </section>
+
   <section name="Fixed in Apache Tomcat 7.0.40" rtext="released 9 May 2013">
 
     <p><strong>Moderate: Information disclosure</strong>
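
Review bot: The "Affects" paragraph in the new 7.0.51 section reads "8.0.0-RC1-8.0.1", which is the Tomcat 8 range pasted into the Tomcat 7 source document. This is the file the HTML is built from, so the wrong range will be published on the 7.x security page until it is replaced with the affected 7.0.x versions. The section body is otherwise a copy of the 8.x text with "Tomcat 8" changed to "Tomcat 7"; it is worth re-reading each line for other leftovers, and "accidently" should be "accidentally".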

Modified: tomcat/site/trunk/xdocs/security-8.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1565181&r1=1565180&r2=1565181&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Thu Feb  6 11:32:14 2014
@@ -50,10 +50,29 @@
 
   </section>
 
-  <section name="Fixed in Apache Tomcat 8.0.0-RC1" rtext="released 5 August 
2013">
+  <section name="Fixed in Apache Tomcat 8.0.2" rtext="not yet released">
 
-    <p>No reports</p>
+    <p><strong>Important: Denial of Service</strong>
+       <cve>CVE-2014-0050</cve></p>
+
+    <p>It was possible to craft a malformed Content-Type header for a multipart
+       request that caused Apache Tomcat to enter an infinite loop. A malicious
+       user could, therefore, craft a malformed request that triggered a denial
+       of service.</p>
     
+    <p>The root cause of this error was a bug in Apache Commons FileUpload.
+       Tomcat 8 uses a packaged renamed copy of Apache Commons FileUpload to
+       implement the requirement of the Servlet 3.0 and later specifications to
+       support the processing of mime-multipart requests. Tomcat 8 was 
therefore
+       affected by this issue.</p>
+
+    <p>This was fixed in revision <revlink rev="1565163">1565163</revlink>.</p>
+
+    <p>This issue was reported to the Apache Software Foundation on 04 Feb 2014
+       and accidently made public on 06 Feb 2014.</p>
+
+    <p>Affects: 8.0.0-RC1-8.0.1</p>
+
   </section>
 
   <section name="Not a vulnerability in Tomcat">
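
Review bot: The existing section "Fixed in Apache Tomcat 8.0.0-RC1" (rtext "released 5 August 2013") is renamed to 8.0.2 instead of a new section being inserted before it, unlike security-7.xml where the 7.0.51 section is added and 7.0.40 is kept. If the "No reports" section is being retired deliberately, say so in the log message; otherwise add the 8.0.2 section alongside it. "accidently" should be "accidentally".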


