tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From suresh babu yella <suresh.b.ye...@gmail.com>
Subject Fix CVE tomcat 6.0.18 with out upgrade
Date Wed, 08 May 2013 16:11:45 GMT
We are using tomcat 6.0.18  and we found below number of Common
Vulnerabilities and Exposures (CVE).

High Vulns: 98

Medium Vulns: 50

Low Vulns: 6
We cannot upgrade/patch any of those components due to supportability
concerns from Autonomy.

How can I apply a fix for all the CVE, I see the build instructions in
below link but I was looking for applying the fixes without upgrade.

Security -
http://tomcat.apache.org/security-6.html#Apache_Tomcat_6.x_vulnerabilities
Build Instructions - http://tomcat.apache.org/tomcat-6.0-doc/building.html


Thanks

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message