Return-Path: <users-return-260649-archive-asf-public=cust-asf.ponee.io@tomcat.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id F25AD200C25
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Fri, 24 Feb 2017 16:10:13 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id EABFB160B69; Fri, 24 Feb 2017 15:10:13 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 3B067160B5C
	for <archive-asf-public@cust-asf.ponee.io>; Fri, 24 Feb 2017 16:10:13 +0100 (CET)
Received: (qmail 13295 invoked by uid 500); 24 Feb 2017 15:10:10 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 13284 invoked by uid 99); 24 Feb 2017 15:10:10 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Feb 2017 15:10:10 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 5EAC0C015F
	for <users@tomcat.apache.org>; Fri, 24 Feb 2017 15:10:10 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.122
X-Spam-Level: 
X-Spam-Status: No, score=-0.122 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01,
	RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
	autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=unisys.com
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id M--P1p21ey9k for <users@tomcat.apache.org>;
	Fri, 24 Feb 2017 15:10:08 +0000 (UTC)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0064.outbound.protection.outlook.com [104.47.42.64])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 3AFE05F30C
	for <users@tomcat.apache.org>; Fri, 24 Feb 2017 15:10:07 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unisys.com;
 s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=UhCSYTyu9lHQ4XDn3OTvOdJbtUSxfdPCA/p897WoQms=;
 b=Spn+pkis9KBlkBMxnXzVE0f0aJ0TscKaw5h+RD5cqHWIv87YlbBjoJUutFNjEmQqx/Yzl1z2pwGI2SKeeVSzokJDgNzQhhFABt/M+31H8/OLcsBwFthRC8X+aZ4vx6wNYeeBxydGlXb0z6dnA67nm9X4Fag8jXf1HTG6wqjlgic=
Received: from SN1PR0701MB1822.namprd07.prod.outlook.com (10.162.100.151) by
 SN1PR0701MB1821.namprd07.prod.outlook.com (10.162.100.150) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.919.13; Fri, 24
 Feb 2017 15:09:59 +0000
Received: from SN1PR0701MB1822.namprd07.prod.outlook.com ([10.162.100.151]) by
 SN1PR0701MB1822.namprd07.prod.outlook.com ([10.162.100.151]) with mapi id
 15.01.0919.018; Fri, 24 Feb 2017 15:09:59 +0000
From: "Caldarale, Charles R" <Chuck.Caldarale@unisys.com>
To: Tomcat Users List <users@tomcat.apache.org>
Subject: RE: CVE-2017-6056.
Thread-Topic: CVE-2017-6056.
Thread-Index: AQHSjq9cQdfC7wo6rUm3wLn34tBx3qF4Qe9w
Date: Fri, 24 Feb 2017 15:09:59 +0000
Message-ID: <SN1PR0701MB18221D19262C610927B5B34A97520@SN1PR0701MB1822.namprd07.prod.outlook.com>
References: <CAFdevey4ZS6WH8=dOyGaMK4245eE7KQ47x+Dtrbz74ox+t6fhA@mail.gmail.com>
In-Reply-To: <CAFdevey4ZS6WH8=dOyGaMK4245eE7KQ47x+Dtrbz74ox+t6fhA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Chuck.Caldarale@unisys.com;
x-originating-ip: [192.61.169.116]
x-ms-office365-filtering-correlation-id: 6b2714a6-f9c9-47cd-a695-08d45cc7332c
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:SN1PR0701MB1821;
x-microsoft-exchange-diagnostics: 1;SN1PR0701MB1821;7:yLmQg48Dk8d/V97dItsU8GxBdthSLqRzjLqeTCTmyUae9XOn0pZxIgAonqT62VEeZQsp1m6cR55SLVCNmZnyonisgKZYeA1MlVol2zFbA+ltKVho96OIPEtGiufDr8Vv9NMY2nJs4P8BtY6M1W+DzBSKbBQEOtcyodSjEtRHCxKsudDyzyWRQMjyBSFHNe7FQUaCvQpldAFR0jO9EaCvWjVV5jIzUQSogogDxdFb+HXQ0equdGBXlRb/ZbXtrprRX3lYP90tD6WgymPmwkaF/pkIjBLrxpWiuzEzmNusw5U3dypfiTtAlZ9cHSp3Hbg9JZJoUnRm8SCL2WTDOR3CqA==
x-microsoft-antispam-prvs: <SN1PR0701MB18218E18C01202A35FA3CBEE97520@SN1PR0701MB1821.namprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6041248)(20161123560025)(20161123555025)(20161123562025)(20161123558025)(20161123564025)(6072148);SRVR:SN1PR0701MB1821;BCL:0;PCL:0;RULEID:;SRVR:SN1PR0701MB1821;
x-forefront-prvs: 0228DDDDD7
x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(6009001)(7916002)(39860400002)(39450400003)(39850400002)(39840400002)(39410400002)(189002)(199003)(6916009)(2950100002)(5660300001)(92566002)(97736004)(7696004)(189998001)(229853002)(6506006)(77096006)(25786008)(6436002)(86362001)(8676002)(5890100001)(2900100001)(81156014)(81166006)(99286003)(9686003)(55016002)(66066001)(122556002)(105586002)(6116002)(33656002)(106116001)(106356001)(6246003)(450100001)(53936002)(110136004)(68736007)(3280700002)(2906002)(8936002)(38730400002)(76176999)(54356999)(102836003)(3846002)(305945005)(3660700001)(50986999)(7736002)(230783001)(101416001)(74316002);DIR:OUT;SFP:1101;SCL:1;SRVR:SN1PR0701MB1821;H:SN1PR0701MB1822.namprd07.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en;
received-spf: None (protection.outlook.com: unisys.com does not designate
 permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: unisys.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Feb 2017 15:09:59.0752
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8d894c2b-238f-490b-8dd1-d93898c5bf83
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR0701MB1821
archived-at: Fri, 24 Feb 2017 15:10:14 -0000

> From: Paralos Trainings [mailto:paralostraninigs@gmail.com]=20
> Subject: CVE-2017-6056.

> I'd like to know if the latest version of Tomcat 7 and Tomcat 8 are
> affected by CVE-2017-6056.

Real Tomcat releases (downloaded from tomcat.apache.org) are not affected. =
 Some 3rd-party repackaged versions do have the problem due to failure on t=
heir part to include relevant fixes.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MA=
TERIAL and is thus for use only by the intended recipient. If you received =
this in error, please contact the sender and delete the e-mail and its atta=
chments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org