From: Mark Eggers
To: Tomcat Users List
Subject: Re: Adding Revisions
Date: Fri, 7 Oct 2011 12:05:54 -0700 (PDT)

----- Original Message -----

> From: Brendan P Keenan
> To: users@tomcat.apache.org
> Cc:
> Sent: Friday, October 7, 2011 9:08 AM
> Subject: Adding Revisions
>
>
> I apologise if this has been answered somewhere else but I just haven't
> been able to find it...
>
> Server is running Windows 2003 R2 SP2
> Tomcat 6.0.33
>
> I need to mitigate CVE-2011-3190. It appears revision 1162959 fixes it.
>
> I cannot find how to apply 1162959. Hopefully someone can tell me the steps
> or point me to documentation
> Thanks
>
>
>
> Brendan P Keenan
> Mainframe Automation
> CSC
>

Could you use one of the two mitigation recommendations?

The announcement:

http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.34_(not_yet_released)


If you're using mod_jk, then the following two links give you detailed configuration information.

http://tomcat.apache.org/tomcat-6.0-doc/config/ajp.html

http://tomcat.apache.org/connectors-doc/reference/workers.html


If you're using mod_proxy_ajp or mod_jk earlier than 1.2.12 (upgrade), then you can change the AJP connector protocol to org.apache.jk.server.JkCoyoteHandler as per the announcement.

. . . . just my two cents.
/mde/
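
The two configuration-only mitigations referred to in the reply above, sketched as a `conf/server.xml` fragment for Tomcat 6.0.x. This is an added example, not part of the original message or the Tomcat project's own configuration; the port numbers are the stock defaults, and the secret value and worker name are placeholders.

```xml
<!-- Constructed example. Enable ONE of the mitigated connectors below;
     two connectors cannot share the same port. -->

<!-- Before: stock AJP connector. No shared secret is required from the
     front-end web server and no implementation class is pinned. -->
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->

<!-- Option A (mod_jk 1.2.12 or later): require a shared secret.
     The front end must send the same value; in mod_jk's workers.properties:
       worker.WORKER_NAME.secret=REPLACE_WITH_LONG_RANDOM_VALUE
     Per the announcement, mod_proxy_ajp did not support shared secrets
     at the time, so it needs Option B instead. -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
           requiredSecret="REPLACE_WITH_LONG_RANDOM_VALUE" />

<!-- Option B (mod_proxy_ajp, or a mod_jk too old for Option A):
     pin the AJP implementation named in the announcement. -->
<!--
<Connector port="8009" redirectPort="8443"
           protocol="org.apache.jk.server.JkCoyoteHandler" />
-->
```

Either change takes effect only after Tomcat is restarted; with Option A, requests from a front end that does not present the matching secret are rejected, so update both sides in the same maintenance window.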