tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <>
Subject Re: CVE-2007-3382: Handling of cookies containing a ' character
Date Tue, 14 Aug 2007 16:59:02 GMT
Hi Christopher,

Christopher Schultz wrote:
>> Versions Affected:
>> 5.5.0 to 5.5.24
> Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include
> a fix for this problem given:

Filip asked about interest in a 5.5.25. The plan at this point in time 
is to tag a new release at the end of the week. 5.5.24 as a version 
number was already used (but not released) and we won't reroll a new 
tarball with a version number, that was already used before.

Until now I didn't notice a commited fix for the cookie problem, but 
Mark or Filip might comment whether there are plans to include a fix in 



To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message