tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Konstantin Kolinko <knst.koli...@gmail.com>
Subject Re: Vulnerability Remediation
Date Fri, 04 Nov 2011 20:39:13 GMT
2011/11/5 Brendan P Keenan <bkeenan@csc.com>:
>
> It has been identified to me by our security group that my Apache Tomcat
> 6.0.33 has the following vulnerability CVE-2011-3190. There is a link on
> the Apache Tomcat 6.0 Security page to
> http://svn.apache.org/viewvc?view=revision&revision=1162959 as a patch.
>
> (...)
>
> Do I add those directories to apply the patch.
>

Have you read the first section at the top of that Tomcat 6 security page?
http://tomcat.apache.org/security-6.html#Apache_Tomcat_6.x_vulnerabilities


Regarding those three files that you mentioned:
That is "ViewVC" program that displays Subversion repository that
contains the source code.  That page shows what files were changed in
revision #1162959 and what the differences were.

Best regards,
Konstantin Kolinko

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message