*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
Tomcat9 package is based on 9.0.16 on bionic and 9.0.31 on focal. Several "Important" security vulnerabilities has been found since those versions: https://tomcat.apache.org/security-9.html ``` Important A vulnerability rated as Important impact is one which could result in the compromise of data or availability of the server. For Tomcat this includes issues that allow an easy remote denial of service (something that is out of proportion to the attack or with a lasting consequence), access to arbitrary files outside of the context root, or access to files that should be otherwise prevented by limits or authentication. ``` These packages should be updated to use at least Tomcat 9.0.40. Can you please provide the update? Thanks! ** Affects: tomcat9 (Ubuntu) Importance: Undecided Status: New ** Tags: community-security -- Tomcat9 package is old version with many security issues https://bugs.launchpad.net/bugs/1915911 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
