tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pesonen, Harri" <harri.peso...@sap.com>
Subject Security question
Date Thu, 11 May 2017 14:21:11 GMT
Hello,
the following lists Tomcat versions 8.5.0 - 8.5.12, does it mean that the problem has been
fixed in 8.5.13 and later?

https://nvd.nist.gov/vuln/detail/CVE-2017-5651

I assume that it has been fixed, as 8.5.13 readme has:


  *   [Fix:]  60918<http://bz.apache.org/bugzilla/show_bug.cgi?id=60918>: Fix sendfile
processing error that could lead to subsequent requests experiencing an IllegalStateException.
(markt)
  *   [Fix:]  Improve sendfile handling when requests are pipelined. (markt)

-Harri

Mime
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message