tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: CVE-2017-6056.
Date Fri, 24 Feb 2017 15:09:59 GMT
> From: Paralos Trainings [mailto:paralostraninigs@gmail.com] 
> Subject: CVE-2017-6056.

> I'd like to know if the latest version of Tomcat 7 and Tomcat 8 are
> affected by CVE-2017-6056.

Real Tomcat releases (downloaded from tomcat.apache.org) are not affected.  Some 3rd-party
repackaged versions do have the problem due to failure on their part to include relevant fixes.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message