tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Stringer" <...@burbong.com>
Subject Re: Patch information required
Date Thu, 28 Nov 2013 06:36:06 GMT
On Thu, November 28, 2013 5:15 pm, kanishk.sethi@accenture.com wrote:
> Hi All,
>

Hi Kanishhk,

> We are using Apache tomcat version 6.0.26 and we need to install below
> patches on our servers to fix some Vulnerabilities.
>
> http://svn.apache.org/viewvc?view=revision&revision=958911
> http://svn.apache.org/viewvc?view=revision&revision=958977
> http://svn.apache.org/viewvc?view=revision&revision=959428
> http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
> http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2012-05-584&actionBtn=Search

Is the Apache tomcat instance you are using bundled with the applications
above (from HP, Juniper)? If so, you should get an updated release from
those vendors, as they should have bundled a higher version of Tomcat that
resolves the issues.

You can cross-check your list of CVE vulnerabilities against Tomcat
versions at this page:

http://tomcat.apache.org/security.html

Looks like 6.0.37 is the latest version of Tomcat 6.

Cheers, Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message