Ubuntu Security Notice 1359-1 - It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. It was discovered that Tomcat computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. A remote attacker could cause a denial of service by sending many crafted parameters. Various other issues were also addressed.
495d0e97ad605d33e3ed8ebbdffa82eb097bdbd6c031ae53360b075401528d81