tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hans Bergsten <h...@gefionsoftware.com>
Subject Re: [SECURITY] Security Vulnerabilities in Tomcat 3.1 and 3.2
Date Tue, 12 Dec 2000 01:39:08 GMT
"Craig R. McClanahan" wrote:
> [...]
> Proposal #1:  Release a Tomcat 3.1.1 that fixes *only* the security problems

+0. Is removing TC 3.1 from the download pages an alternative? There shouldn't
be any reason for anyone to use TC 3.1 now when 3.2 is released. Upgrading to
3.2.1 could be the recommended action for all TC 3.1 users that need to plug
the security holes.

> Proposal #2:  Release a Tomcat 3.2.1 that fixes the following security problems
> plus the patches committed to date.

+1

Hans
-- 
Hans Bergsten		hans@gefionsoftware.com
Gefion Software		http://www.gefionsoftware.com
Author of JavaServer Pages (O'Reilly), http://TheJSPBook.com

Mime
View raw message