Return-Path: <Larry.Isaacs@sas.com>
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 91928 invoked from network); 12 Dec 2000 02:57:32 -0000
Received: from merc95.us.sas.com (HELO merc95.na.sas.com) (149.173.6.5)
  by locus.apache.org with SMTP; 12 Dec 2000 02:57:32 -0000
Received: from merc95.na.sas.com ([127.0.0.1]) by merc95.na.sas.com with SMTP
 (Microsoft Exchange Internet Mail Service Version 5.5.2653.13)
	id YHYGNX4C; Mon, 11 Dec 2000 21:57:06 -0500
Received: from 10.25.12.252 by merc95.na.sas.com (InterScan E-Mail VirusWall
 NT); Mon, 11 Dec 2000 21:57:06 -0500 (Eastern Standard Time)
Received: by MERC91.us.sas.com with Internet Mail Service (5.5.2653.19)
	id <YHXMX9KW>; Mon, 11 Dec 2000 21:57:01 -0500
Message-ID: <764CA2FF49EC054BA086FC8253A52DD7433284@merc09.us.sas.com>
From: Larry Isaacs <Larry.Isaacs@sas.com>
To: "'tomcat-dev@jakarta.apache.org'" <tomcat-dev@jakarta.apache.org>
Subject: RE: [SECURITY] Security Vulnerabilities in Tomcat 3.1 and 3.2
Date: Mon, 11 Dec 2000 21:57:00 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N


> Proposal #1:  Release a Tomcat 3.1.1 that fixes *only* the security
> problems

+1


> Proposal #2:  Release a Tomcat 3.2.1 that fixes the following security
> problems
> plus the patches committed to date.

+ 1

Larry