https://bugzilla.redhat.com/show_bug.cgi?id=1887648 Bug ID: 1887648 Summary: CVE-2020-13943 tomcat: Apache Tomcat HTTP/2 Request mix-up Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: jwon(a)redhat.com CC: aboyko(a)redhat.com, aileenc(a)redhat.com, akoufoud(a)redhat.com, alazarot(a)redhat.com, alee(a)redhat.com, almorale(a)redhat.com, anstephe(a)redhat.com, asoldano(a)redhat.com, atangrin(a)redhat.com, avibelli(a)redhat.com, bbaranow(a)redhat.com, bgeorges(a)redhat.com, bmaxwell(a)redhat.com, brian.stansberry(a)redhat.com, cdewolf(a)redhat.com, chazlett(a)redhat.com, cmoulliard(a)redhat.com, coolsvap(a)gmail.com, csutherl(a)redhat.com, darran.lofthouse(a)redhat.com, dbecker(a)redhat.com, dkreling(a)redhat.com, dosoudil(a)redhat.com, drieden(a)redhat.com, eleandro(a)redhat.com, etirelli(a)redhat.com, ggaughan(a)redhat.com, gmalinko(a)redhat.com, gzaronik(a)redhat.com, hhorak(a)redhat.com, huwang(a)redhat.com, ibek(a)redhat.com, ikanello(a)redhat.com, ivan.afonichev(a)gmail.com, iweiss(a)redhat.com, janstey(a)redhat.com, java-sig-commits(a)lists.fedoraproject.org, jawilson(a)redhat.com, jbalunas(a)redhat.com, jclere(a)redhat.com, jjoyce(a)redhat.com, jochrist(a)redhat.com, jolee(a)redhat.com, jorton(a)redhat.com, jpallich(a)redhat.com, jperkins(a)redhat.com, jschatte(a)redhat.com, jschluet(a)redhat.com, jstastny(a)redhat.com, jwon(a)redhat.com, krathod(a)redhat.com, krzysztof.daniel(a)gmail.com, kverlaen(a)redhat.com, kwills(a)redhat.com, lgao(a)redhat.com, lhh(a)redhat.com, lpeer(a)redhat.com, lthon(a)redhat.com, mbabacek(a)redhat.com, mburns(a)redhat.com, mizdebsk(a)redhat.com, mkolesni(a)redhat.com, mnovotny(a)redhat.com, msochure(a)redhat.com, msvehla(a)redhat.com, mszynkie(a)redhat.com, myarboro(a)redhat.com, nwallace(a)redhat.com, pgallagh(a)redhat.com, pjindal(a)redhat.com, pmackay(a)redhat.com, rguimara(a)redhat.com, rrajasek(a)redhat.com, rruss(a)redhat.com, rstancel(a)redhat.com, rsvoboda(a)redhat.com, rsynek(a)redhat.com, sclewis(a)redhat.com, scohen(a)redhat.com, sdaley(a)redhat.com, slinaber(a)redhat.com, smaestri(a)redhat.com, tom.jenkinson(a)redhat.com, vhalbert(a)redhat.com, weli(a)redhat.com Blocks: 1887641 Target Milestone: --- Classification: Other If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources. Upstream commits: Tomcat 10.0: https://github.com/apache/tomcat/commit/1bbc650cbc3f08d85a1ec6d803c47ae53... Tomcat 9.0: https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994... Tomcat 8.5: https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4... Reference: http://mail-archives.apache.org/mod_mbox/tomcat-announce/202010.mbox/%3C2... -- You are receiving this mail because: You are on the CC list for the bug.