CVE-2011-3375
Publication date 18 January 2012
Last updated 24 July 2024
Ubuntu priority
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| tomcat5.5 | 12.10 quantal | Not in release |
| 12.04 LTS precise | Not in release | |
| 11.10 oneiric | Not in release | |
| 11.04 natty | Not in release | |
| 10.10 maverick | Not in release | |
| 10.04 LTS lucid | Not in release | |
| 8.04 LTS hardy | Ignored end of life | |
| tomcat6 | 12.10 quantal |
Not affected
|
| 12.04 LTS precise |
Not affected
|
|
| 11.10 oneiric |
Fixed 6.0.32-5ubuntu1.2
|
|
| 11.04 natty |
Not affected
|
|
| 10.10 maverick |
Not affected
|
|
| 10.04 LTS lucid |
Not affected
|
|
| 8.04 LTS hardy | Not in release | |
| tomcat7 | 12.10 quantal |
Not affected
|
| 12.04 LTS precise |
Not affected
|
|
| 11.10 oneiric |
Fixed 7.0.21-1ubuntu0.1
|
|
| 11.04 natty | Not in release | |
| 10.10 maverick | Not in release | |
| 10.04 LTS lucid | Not in release | |
| 8.04 LTS hardy | Not in release |
Notes
Patch details
| Package | Patch details |
|---|---|
| tomcat6 |
References
Related Ubuntu Security Notices (USN)
- USN-1359-1
- Tomcat vulnerabilities
- 13 February 2012