On 2023/10/11 11:40, Stuart Henderson wrote: > CVSROOT: /cvs > Module name: ports > Changes by: [email protected] 2023/10/11 11:40:01 > > Modified files: > www/tomcat/v8 : Tag: OPENBSD_7_4 Makefile distinfo > www/tomcat/v8/pkg: Tag: OPENBSD_7_4 PLIST-examples > > Log message: > update to tomcat-8.5.94 > > CVE-2023-42794: FileUpload: DoS due to accumulation of temporary files on > Windows > CVE-2023-44487: HTTP/2 implementation vulnerable to the rapid reset attack > (DoS) >
oops, also these for 8.x CVE-2023-42795: Failure during request clean-up leads to sensitive data leaking to subsequent requests CVE-2023-45648: Trailer header parsing too lenient
