tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/webapps/ROOT index.html
Date Tue, 03 Apr 2001 00:38:55 GMT
craigmcc    01/04/02 17:38:55

  Modified:    .        RELEASE-NOTES-4.0-B3.txt
               catalina/src/share/org/apache/catalina Globals.java
               webapps/ROOT index.html
  Log:
  Updates for Tomcat 4.0-beta-3.
  
  Revision  Changes    Path
  1.2       +25 -1     jakarta-tomcat-4.0/RELEASE-NOTES-4.0-B3.txt
  
  Index: RELEASE-NOTES-4.0-B3.txt
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/RELEASE-NOTES-4.0-B3.txt,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- RELEASE-NOTES-4.0-B3.txt	2001/03/31 20:01:19	1.1
  +++ RELEASE-NOTES-4.0-B3.txt	2001/04/03 00:38:46	1.2
  @@ -3,7 +3,7 @@
                               Release Notes
                               =============
   
  -$Id: RELEASE-NOTES-4.0-B3.txt,v 1.1 2001/03/31 20:01:19 craigmcc Exp $
  +$Id: RELEASE-NOTES-4.0-B3.txt,v 1.2 2001/04/03 00:38:46 craigmcc Exp $
   
   
   ============
  @@ -23,6 +23,27 @@
   JSP-related bug reports, respectively.
   
   
  +------------------------
  +Important Security Notes:
  +------------------------
  +
  +This release includes fixes for security vulnerabilities that have been
  +reported against Tomcat 4.0 beta 2:
  +
  +* Fixes to a similar vulnerability that was included in Tomcat 4.0-b2
  +  is also included here.
  +
  +* "Tomcat 4.0-b2 for winnt/2000 show ".jsp" source vulnerability"
  +  (BugTraq reference CSA-200110), which would cause JSP source to be
  +  displayed on a URL like:
  +    http://localhost:8080/examples/jsp/snp/snoop%252ejsp
  +  on all platforms, not just Windows.  The same vulnerability was
  +  fixed in the new server-side include facility.
  +
  +Any user who has downloaded Tomcat 4.0 beta 2 is encouraged to upgrade to
  +beta 3 to fix these security vulnerabilities.
  +
  +
   ============
   NEW FEATURES:
   ============
  @@ -64,6 +85,9 @@
   
   StandardHost:  Ignore the "directory exists" exception when context startup
   tries to expand a WAR file that is already expanded.
  +
  +Extension:  Do not throw NullPointerException if a JAR file with no manifest
  +file is added to the set of repositories for a StandardClassLoader.
   
   
   ----------------
  
  
  
  1.22      +5 -5      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java
  
  Index: Globals.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- Globals.java	2001/03/31 19:51:15	1.21
  +++ Globals.java	2001/04/03 00:38:50	1.22
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v
1.21 2001/03/31 19:51:15 craigmcc Exp $
  - * $Revision: 1.21 $
  - * $Date: 2001/03/31 19:51:15 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Globals.java,v
1.22 2001/04/03 00:38:50 craigmcc Exp $
  + * $Revision: 1.22 $
  + * $Date: 2001/04/03 00:38:50 $
    *
    * ====================================================================
    *
  @@ -69,7 +69,7 @@
    * Global constants that are applicable to multiple packages within Catalina.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.21 $ $Date: 2001/03/31 19:51:15 $
  + * @version $Revision: 1.22 $ $Date: 2001/04/03 00:38:50 $
    */
   
   public final class Globals {
  @@ -201,7 +201,7 @@
       /**
        * The descriptive information about this server and version.
        */
  -    public static final String SERVER_INFO = "Apache Tomcat/4.0-dev";
  +    public static final String SERVER_INFO = "Apache Tomcat/4.0-b3";
   
   
       /**
  
  
  
  1.14      +2 -2      jakarta-tomcat-4.0/webapps/ROOT/index.html
  
  Index: index.html
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/webapps/ROOT/index.html,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -r1.13 -r1.14
  --- index.html	2001/03/31 19:51:15	1.13
  +++ index.html	2001/04/03 00:38:53	1.14
  @@ -4,13 +4,13 @@
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
   <meta name="GENERATOR" content="Mozilla/4.72 [en] (WinNT; U) [Netscape]">
   <meta name="Author" content="Anil K. Vijendran">
  -<title>Tomcat (v4.0-dev)</title>
  +<title>Tomcat (v4.0-b3)</title>
   </head>
   <body bgcolor="#FFFFFF">
   <img SRC="tomcat.gif" height=92 width=130 align=LEFT><b><font face="Arial,
Helvetica, sans-serif"><font size=+3>Tomcat</font></font></b>
   <br>
   <b><font face="Arial, Helvetica, sans-serif"><font size=-1>Version
  -4.0-dev</font></font></b>
  +4.0-b3</font></font></b>
   <p>This is the default Tomcat home page. This page serves as a quick reference
   guide to related resources and is located at:
   <ul>
  
  
  

Mime
View raw message