Uploaded image for project: 'Pluto'
  1. Pluto
  2. PLUTO-788

Upgrade to Tomcat 8.5.69 due to multiple CVE issues

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.1.0
    • 3.1.1
    • build system
    • None

    Description

      This task involves upgrading from Tomcat 8.5.40 to Tomcat 8.5.69 (the latest release of Tomcat 8.x at the time of this writing) in order to benefit from security vulnerability fixes found in Tomcat. For more information, see the CVE Details for Apache Tomcat as well as the following issues:

      • CVE-2021-30639 Apache Tomcat DoS
      • CVE-2021-30640 Apache Tomcat JNDI realm authentication weakness
      • CVE-2021-33037 Apache Tomcat HTTP request smuggling

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. PLUTO-793 TCK: Contesting assumptions of PortletContext.getRealPath(String) in V2EnvironmentTests_PortletContext_ApiRender_getRealPath3

          • Major - Major loss of function.
          • Closed

          Activity

            People

              ngriffin7a Neil Griffin (Inactive)
              ngriffin7a Neil Griffin (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: