openSUSE Security Update : tomcat (openSUSE-2016-1056) (httpoxy)
High Nessus Plugin ID 93362
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for tomcat fixes the following issues :
- CVE-2016-3092: Usage of vulnerable FileUpload package can result in denial of service. (bsc#986359)
- CVE-2016-5388: Setting HTTP_PROXY environment variable via Proxy header. (bsc#988489)
This update was imported from the SUSE:SLE-12-SP1:Update project.
SolutionUpdate the affected tomcat packages.