Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4F2699257 for ; Tue, 7 Feb 2012 20:03:34 +0000 (UTC) Received: (qmail 26297 invoked by uid 500); 7 Feb 2012 20:03:30 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 26127 invoked by uid 500); 7 Feb 2012 20:03:29 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 26118 invoked by uid 99); 7 Feb 2012 20:03:29 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Feb 2012 20:03:29 +0000 X-ASF-Spam-Status: No, hits=1.9 required=5.0 tests=SPF_HELO_SOFTFAIL,SPF_SOFTFAIL X-Spam-Check-By: apache.org Received-SPF: softfail (nike.apache.org: transitioning domain of christopher.restorff@criticalwatch.com does not designate 74.7.105.220 as permitted sender) Received: from [74.7.105.220] (HELO criticalwatch.com) (74.7.105.220) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Feb 2012 20:03:23 +0000 Received: from mail.criticalwatch.net by criticalwatch.com (criticalwatch.com) (SecurityGateway 2.0.6) with SMTP id SG000644880.MSG for ; Tue, 07 Feb 2012 14:01:55 -0600 Received: from [10.223.207.113] by mail.criticalwatch.net (Cipher TLSv1:-SHA:128) (MDaemon PRO v12.5.3) with ESMTP id md50000053335.msg for ; Tue, 07 Feb 2012 14:01:53 -0600 X-Spam-Processed: mail.criticalwatch.net, Tue, 07 Feb 2012 14:01:53 -0600 (not processed: message from trusted or authenticated source) X-Authenticated-Sender: christopher.restorff@criticalwatch.com X-Return-Path: christopher.restorff@criticalwatch.com X-Envelope-From: christopher.restorff@criticalwatch.com X-MDaemon-Deliver-To: users@tomcat.apache.org Message-ID: <4F31832B.3040804@criticalwatch.com> Date: Tue, 07 Feb 2012 14:01:47 -0600 From: Christopher Restorff Organization: Critical Watch User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 To: users@tomcat.apache.org Subject: Question regarding mappings for CVE-2005-4836 References: <4F21DE8B.4040309@criticalwatch.com> In-Reply-To: <4F21DE8B.4040309@criticalwatch.com> X-Forwarded-Message-Id: <4F21DE8B.4040309@criticalwatch.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SGHeloLookup-Result: pass smtp.helo=mail.criticalwatch.net (ip=10.223.210.3) X-Virus-Checked: Checked by ClamAV on apache.org Hello, I have a question regarding CVE-2005-4836: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-4836 The security bulletin, http://tomcat.apache.org/security-4.html, mentions that it will not be fixed in 4.x. However, there is no indication as to whether it affects 5.x or beyond. Is this issue persistent in the 5, 6, and 7 versions? If not, which versions are not affected. Any help will be greatly appreciated. Thank you for your time. Sorry if this is a repost. I think I sent it to the wrong address and never got any responses/confirmation that it went through. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org