-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:084
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : tomcat
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:

Updated tomcat package fixes security vulnerabilities:

It was discovered that the Apache Commons FileUpload package for Java
could enter an infinite loop while processing a multipart request with
a crafted Content-Type, resulting in a denial-of-service condition
(CVE-2014-0050).

Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding
without properly handling (1) a large total amount of chunked data or
(2) whitespace characters in an HTTP header value within a trailer
field, which allows remote attackers to c