Ubuntu Security Notice 1637-1 - It was discovered that the Apache Tomcat HTTP NIO connector incorrectly handled header data. A remote attacker could cause a denial of service by sending requests with a large amount of header data. It was discovered that Apache Tomcat incorrectly handled DIGEST authentication. A remote attacker could possibly use these flaws to perform a replay attack and bypass authentication. Various other issues were also addressed.
6864ba7f5f6a718c9e0112e11cec496ec671ff32f21f776d4ab22411b5416b9c