[jira] [Created] (GUACAMOLE-410) Update Apache Tomcat due to security isses

Sven Gottwald (JIRA) Mon, 09 Oct 2017 22:07:47 -0700

Sven Gottwald created GUACAMOLE-410:
---------------------------------------


             Summary: Update Apache Tomcat due to security isses
                 Key: GUACAMOLE-410
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-410
             Project: Guacamole
          Issue Type: Improvement
          Components: guacamole-docker
    Affects Versions: 0.9.13-incubating
         Environment: Official guacamole docker image 
https://hub.docker.com/r/guacamole/guacamole/
            Reporter: Sven Gottwald
            Priority: Critical


The official guacamole docker image uses tomcat 8.0.20-jre8. This tomcat 
Version is outdated and contains several security issues (see [Apache Tomcat 
8.x vulnerabilities|http://tomcat.apache.org/security-8.html]). The last issue 
was 
[CVE-2017-12617|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617] 
which allows remote code execution.

Tomcat should be updated to version 8.0.47 ASAP.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (GUACAMOLE-410) Update Apache Tomcat due to security isses

Reply via email to