tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GOMEZ Henri <hgo...@slib.fr>
Subject RE: Tomcat 4.0-beta-2 Security Vulnerability
Date Tue, 03 Apr 2001 06:42:19 GMT
>> I suggest that we create a revised version of beta
>> 2, clearly labelled so
>> that people will know whether they have the
>> corrected version or not --
>> and we should do this immediately (like today) to
>> minimize the number of
>> people who end up downloading twice.
>> 
>> I suggest we call the updated version "Tomcat
>> 4.0-beta-2-update-1" or
>> something like that.
>> 
>> Comments?  Votes?
>> 
>
>I vote you just call it  "Tomcat-4.0-beta-3".  I don't
>recall ever being told there were limits to the number
>of betas one can produce.  :-)  I believe that a new
>beta number is justified by any significant bug fix or
>fixes and a security hole is definitely significant,
>even if the code change may be tiny.

+1 for Tomcat-4.0-beta-3

And what about including in TC 4.0b3 my patches which
help build tc 4.0 on non standard distro, ie jsse.jar
not in JSSE_HOME/lib or jmxri.jar not in JMX_HOME/lib.


Mime
View raw message