tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Smith <david.sm...@cornell.edu>
Subject Re: Fix CVE tomcat 6.0.18 with out upgrade
Date Wed, 08 May 2013 17:38:05 GMT
On 5/8/13 1:17 PM, suresh babu yella wrote:
> Hi Dan,
>
> We might consider for upgrading the tomcat later, due to to supportability
> concerns from Autonomy we cannot upgrade it to any of the higher version.
>
> but right now we are looking to apply the fix for all CVE's we identified,
> it will be great if you can let me know the procedure.
>
>
Then upgrade, but keep it within the Tomcat 6.0.x versions.  Going up to
6.0.37 should be perfectly safe.   Put up a test env and try it.

--David

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message