Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 25030 invoked from network); 4 Apr 2007 15:41:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 4 Apr 2007 15:41:53 -0000 Received: (qmail 61676 invoked by uid 500); 4 Apr 2007 15:41:55 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 61629 invoked by uid 500); 4 Apr 2007 15:41:55 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 61618 invoked by uid 500); 4 Apr 2007 15:41:55 -0000 Delivered-To: apmail-jakarta-tomcat-dev@jakarta.apache.org Received: (qmail 61615 invoked by uid 99); 4 Apr 2007 15:41:55 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2007 08:41:55 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2007 08:41:47 -0700 Received: by brutus.apache.org (Postfix, from userid 33) id 297B6714068; Wed, 4 Apr 2007 08:41:27 -0700 (PDT) From: bugzilla@apache.org To: tomcat-dev@jakarta.apache.org Subject: DO NOT REPLY [Bug 42047] - Typo on security-3 In-Reply-To: X-Bugzilla-Reason: AssignedTo Message-Id: <20070404154127.297B6714068@brutus.apache.org> Date: Wed, 4 Apr 2007 08:41:27 -0700 (PDT) X-Virus-Checked: Checked by ClamAV on apache.org DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=42047 ------- Additional Comments From kanekotky@gmail.com 2007-04-04 08:41 ------- Sorry, I found another typo :) Index: xdocs/security-3.xml =================================================================== --- xdocs/security-3.xml (revision 525537) +++ xdocs/security-3.xml (working copy) @@ -165,10 +165,10 @@

important: Information disclosure - CVE-2001-0590

+ CVE-2000-1210

source.jsp, provided as part of the examples, allows an attacker to read - arbitary files via a .. (dot dot) in the argument to source.jsp.

+ arbitrary files via a .. (dot dot) in the argument to source.jsp.

Affects: 3.0

Index: docs/security-3.html =================================================================== --- docs/security-3.html (revision 525537) +++ docs/security-3.html (working copy) @@ -544,12 +544,12 @@

important: Information disclosure - CVE-2001-0590 + CVE-2000-1210

source.jsp, provided as part of the examples, allows an attacker to read - arbitary files via a .. (dot dot) in the argument to source.jsp.

+ arbitrary files via a .. (dot dot) in the argument to source.jsp.

Affects: 3.0

-- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org