SUSE-SU-2022:0784-1 -- SLES tomcat, javapackages-filesystemID: oval:org.secpod.oval:def:89046099 | Date: (C)2022-03-11 (M)2023-10-26 |
Class: PATCH | Family: unix |
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation. - Remove log4j dependency, which is currently directly in use - Make the package RPM conflict even more specific to conflict with java-openjdk-headless = 9
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
tomcat |
javapackages-filesystem |