tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: CVE-2007-3382: Handling of cookies containing a ' character
Date Tue, 14 Aug 2007 16:59:02 GMT
Hi Christopher,

Christopher Schultz wrote:
>> Versions Affected:
>> 5.5.0 to 5.5.24
> 
> Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include
> a fix for this problem given:

Filip asked about interest in a 5.5.25. The plan at this point in time 
is to tag a new release at the end of the week. 5.5.24 as a version 
number was already used (but not released) and we won't reroll a new 
tarball with a version number, that was already used before.

Until now I didn't notice a commited fix for the cookie problem, but 
Mark or Filip might comment whether there are plans to include a fix in 
5.5.25.

Regards,

Rainer



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message