Author: markt
Date: Tue May 5 23:08:44 2015
New Revision: 1677910
URL: http://svn.apache.org/r1677910
Log:
Announce CVE-2014-0230
Modified:
tomcat/site/trunk/docs/security-6.html
tomcat/site/trunk/docs/security-7.html
tomcat/site/trunk/docs/security-8.html
tomcat/site/trunk/xdocs/security-6.xml
tomcat/site/trunk/xdocs/security-7.xml
tomcat/site/trunk/xdocs/security-8.xml
Modified: tomcat/site/trunk/docs/security-6.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-6.html?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-6.html (original)
+++ tomcat/site/trunk/docs/security-6.html Tue May 5 23:08:44 2015
@@ -203,6 +203,9 @@
<a href="#Apache_Tomcat_6.x_vulnerabilities">Apache Tomcat 6.x
vulnerabilities</a>
</li>
<li>
+<a href="#Fixed_in_Apache_Tomcat_6.0.44">Fixed in Apache Tomcat 6.0.44</a>
+</li>
+<li>
<a href="#Fixed_in_Apache_Tomcat_6.0.43">Fixed in Apache Tomcat 6.0.43</a>
</li>
<li>
@@ -309,6 +312,38 @@
</div>
+<h3 id="Fixed_in_Apache_Tomcat_6.0.44">
+<span style="float: right;">Release in progress</span> Fixed in Apache Tomcat
6.0.44</h3>
+<div class="text">
+
+
+<p>
+<strong>Low: Denial of Service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230"
rel="nofollow">CVE-2014-0230</a>
+</p>
+
+
+<p>When a response for a request with a request body is returned to the user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+
+<p>This was fixed in revision <a
href="http://svn.apache.org/viewvc?view=rev&rev=1659537">1659537</a>.</p>
+
+
+<p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+
+<p>Affects: 6.0.0 to 6.0.43</p>
+
+
+</div>
<h3 id="Fixed_in_Apache_Tomcat_6.0.43">
<span style="float: right;">22 November 2014</span> Fixed in Apache Tomcat
6.0.43</h3>
<div class="text">
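Review bot: the description paragraph (the `<p>When a response for a request with a request body...` block) explains the flaw but says nothing about what r1659537 actually changed: what limit Tomcat now applies to a swallowed request body, what happens to the connection once that limit is hit, and whether an administrator can tune it. Without that a reader cannot judge whether the new default fits their deployment or whether they still need an upstream body-size limit. Suggest adding one sentence after the `This was fixed in revision` line stating the limit and the connector attribute that controls it. Note also that this heading says `Release in progress` while the text says the issue was made public on 9 April 2015, so 6.x users currently face a public issue with no fixed release; a mitigation sentence for them until 6.0.44 ships would be worth adding here.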
Modified: tomcat/site/trunk/docs/security-7.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-7.html?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-7.html (original)
+++ tomcat/site/trunk/docs/security-7.html Tue May 5 23:08:44 2015
@@ -350,6 +350,32 @@
<p>Affects: 7.0.0 to 7.0.54</p>
+
+<p>
+<strong>Low: Denial of Service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230"
rel="nofollow">CVE-2014-0230</a>
+</p>
+
+
+<p>When a response for a request with a request body is returned to the user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+
+<p>This was fixed in revision <a
href="http://svn.apache.org/viewvc?view=rev&rev=1603781">1603781</a>.</p>
+
+
+<p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+
+<p>Affects: 7.0.0 to 7.0.54</p>
+
</div>
<h3 id="Fixed_in_Apache_Tomcat_7.0.54">
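Review bot: the entry is appended to an existing, already-released section (the one immediately before `Fixed in Apache Tomcat 7.0.54`, whose previous entry ends with `Affects: 7.0.0 to 7.0.54`) rather than to a new section, so anyone who reviewed that section when the release went out has no signal that a vulnerability was added to it almost a year later. Suggest prefixing the new entry with an italic note in the style the 6.x page already uses (`Note: The issue below was fixed in Apache Tomcat 6.0.42 but the ...`) stating that the fix shipped in that release but was only announced on 9 April 2015, so that the section's history is visible to readers scanning by release.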
Modified: tomcat/site/trunk/docs/security-8.html
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-8.html?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-8.html (original)
+++ tomcat/site/trunk/docs/security-8.html Tue May 5 23:08:44 2015
@@ -299,6 +299,32 @@
<p>Affects: 8.0.0-RC1 to 8.0.8</p>
+
+<p>
+<strong>Low: Denial of Service</strong>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230"
rel="nofollow">CVE-2014-0230</a>
+</p>
+
+
+<p>When a response for a request with a request body is returned to the user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+
+<p>This was fixed in revision <a
href="http://svn.apache.org/viewvc?view=rev&rev=1603770">1603770</a>.</p>
+
+
+<p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+
+<p>Affects: 8.0.0-RC1 to 8.0.8</p>
+
</div>
<h3 id="Fixed_in_Apache_Tomcat_8.0.8">
Modified: tomcat/site/trunk/xdocs/security-6.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-6.xml?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-6.xml (original)
+++ tomcat/site/trunk/xdocs/security-6.xml Tue May 5 23:08:44 2015
@@ -48,6 +48,29 @@
</section>
+ <section name="Fixed in Apache Tomcat 6.0.44" rtext="Release in progress">
+
+ <p><strong>Low: Denial of Service</strong>
+ <cve>CVE-2014-0230</cve></p>
+
+ <p>When a response for a request with a request body is returned to the
user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+ <p>This was fixed in revision <revlink rev="1659537">1659537</revlink>.</p>
+
+ <p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+ <p>Affects: 6.0.0 to 6.0.43</p>
+
+ </section>
+
<section name="Fixed in Apache Tomcat 6.0.43" rtext="22 November 2014">
<p><i>Note: The issue below was fixed in Apache Tomcat 6.0.42 but the
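Review bot: `rtext="Release in progress"` on the new `<section name="Fixed in Apache Tomcat 6.0.44">` is a placeholder that will go stale; when 6.0.44 ships it has to be replaced with the release date (the neighbouring section uses `rtext="22 November 2014"`) and the generated docs/security-6.html regenerated in the same commit, otherwise the xdocs source and the checked-in HTML drift apart. Since the entry already states the issue was made public on 9 April 2015 while no fixed 6.x release exists, it would also be worth adding a sentence here on how 6.x users should mitigate until the release is out.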
Modified: tomcat/site/trunk/xdocs/security-7.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-7.xml?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-7.xml (original)
+++ tomcat/site/trunk/xdocs/security-7.xml Tue May 5 23:08:44 2015
@@ -65,6 +65,25 @@
<p>Affects: 7.0.0 to 7.0.54</p>
+ <p><strong>Low: Denial of Service</strong>
+ <cve>CVE-2014-0230</cve></p>
+
+ <p>When a response for a request with a request body is returned to the
user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+ <p>This was fixed in revision <revlink rev="1603781">1603781</revlink>.</p>
+
+ <p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+ <p>Affects: 7.0.0 to 7.0.54</p>
+
</section>
<section name="Fixed in Apache Tomcat 7.0.54" rtext="released 22 May 2014">
Modified: tomcat/site/trunk/xdocs/security-8.xml
URL:
http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-8.xml?rev=1677910&r1=1677909&r2=1677910&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-8.xml (original)
+++ tomcat/site/trunk/xdocs/security-8.xml Tue May 5 23:08:44 2015
@@ -68,6 +68,25 @@
<p>Affects: 8.0.0-RC1 to 8.0.8</p>
+ <p><strong>Low: Denial of Service</strong>
+ <cve>CVE-2014-0230</cve></p>
+
+ <p>When a response for a request with a request body is returned to the
user
+ agent before the request body is fully read, by default Tomcat swallows the
+ remaining request body so that the next request on the connection may be
+ processed. There was no limit to the size of request body that Tomcat would
+ swallow. This permitted a limited Denial of Service as Tomcat would never
+ close the connection and a processing thread would remain allocated to the
+ connection.</p>
+
+ <p>This was fixed in revision <revlink rev="1603770">1603770</revlink>.</p>
+
+ <p>This issue was disclosed to the Tomcat security team by AntBean@secdig
+ from the Baidu Security Team on 4 June 2014 and made public on 9 April
+ 2015.</p>
+
+ <p>Affects: 8.0.0-RC1 to 8.0.8</p>
+
</section>
<section name="Fixed in Apache Tomcat 8.0.8" rtext="beta, 21 May 2014">