tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 42979] New: - Fixed JSP and Servlet for CVE-2007-1355 are not included in the sample.war
Date Thu, 26 Jul 2007 14:24:32 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42979>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42979

           Summary: Fixed JSP and Servlet  for  CVE-2007-1355 are not
                    included in the sample.war
           Product: Tomcat 5
           Version: 5.5.24
          Platform: All
               URL: http://jakarta.apache.org/tomcat/tomcat-5.5-
                    doc/appdev/sample/sample.war
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Webapps:Documentation
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: vijay2612@yahoo.co.in


The JSP and Servlet which are part of the sample application are not updated in
the war file. The sample.war file still contains the old files. So this security
hole still exists in the latest tomcat distribution.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message