tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn propchange: r1377807 - svn:log
Date Mon, 05 Nov 2012 23:04:39 GMT
Author: markt
Revision: 1377807
Modified property: svn:log

Modified: svn:log at Mon Nov  5 23:04:39 2012
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Mon Nov  5 23:04:39 2012
@@ -2,3 +2,5 @@ Digest improvements:
 - disable caching of authenticated user in session by default
 - track server rather than client nonces
 - better handling of stale nonce values
+
+This fixed CVE-2012-3439 Apache Tomcat DIGEST authentication weaknesses


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message