Return-Path: Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm Delivered-To: mailing list tomcat-dev@jakarta.apache.org Received: (qmail 49895 invoked from network); 12 Dec 2000 01:24:09 -0000 Received: from femail6.sdc1.sfba.home.com (24.0.95.86) by locus.apache.org with SMTP; 12 Dec 2000 01:24:09 -0000 Received: from C538761A ([24.176.222.130]) by femail6.sdc1.sfba.home.com (InterMail vM.4.01.03.00 201-229-121) with SMTP id <20001212012410.WEUW24833.femail6.sdc1.sfba.home.com@C538761A> for ; Mon, 11 Dec 2000 17:24:10 -0800 Message-ID: <00d901c063da$e66b5cb0$82deb018@intalio.com> From: "Remy Maucherat" To: References: <3A357D3D.302585D7@eng.sun.com> Subject: Re: [SECURITY] Security Vulnerabilities in Tomcat 3.1 and 3.2 Date: Mon, 11 Dec 2000 17:28:58 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N > Proposal #1: Release a Tomcat 3.1.1 that fixes *only* the security problems +1. > Proposal #2: Release a Tomcat 3.2.1 that fixes the following security problems > plus the patches committed to date. +1. Remy