7942 moderate openSUSE Leap 42.3 Update ports This update for tomcat fixes the following issues: Security issues fixed: - CVE-2018-1305: Fixed late application of security constraints that can lead to resource exposure for unauthorised users (bsc#1082481). - CVE-2018-1304: Fixed incorrect handling of empty string URL in security constraints that can lead to unitended exposure of resources (bsc#1082480). - CVE-2017-15706: Fixed incorrect documentation of CGI Servlet search algorithm that may lead to misconfiguration (bsc#1078677). This update was imported from the SUSE:SLE-12-SP2:Update update project. tomcat-8.0.50-12.1.noarch.rpm tomcat-8.0.50-12.1.src.rpm tomcat-admin-webapps-8.0.50-12.1.noarch.rpm tomcat-docs-webapp-8.0.50-12.1.noarch.rpm tomcat-el-3_0-api-8.0.50-12.1.noarch.rpm tomcat-embed-8.0.50-12.1.noarch.rpm tomcat-javadoc-8.0.50-12.1.noarch.rpm tomcat-jsp-2_3-api-8.0.50-12.1.noarch.rpm tomcat-jsvc-8.0.50-12.1.noarch.rpm tomcat-lib-8.0.50-12.1.noarch.rpm tomcat-servlet-3_1-api-8.0.50-12.1.noarch.rpm tomcat-webapps-8.0.50-12.1.noarch.rpm