You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Pesonen, Harri" <ha...@sap.com> on 2017/05/11 14:21:11 UTC
Security question
Hello,
the following lists Tomcat versions 8.5.0 - 8.5.12, does it mean that the problem has been fixed in 8.5.13 and later?
https://nvd.nist.gov/vuln/detail/CVE-2017-5651
I assume that it has been fixed, as 8.5.13 readme has:
* [Fix:] 60918<http://bz.apache.org/bugzilla/show_bug.cgi?id=60918>: Fix sendfile processing error that could lead to subsequent requests experiencing an IllegalStateException. (markt)
* [Fix:] Improve sendfile handling when requests are pipelined. (markt)
-Harri
Re: Security question
Posted by Violeta Georgieva <vi...@apache.org>.
2017-05-11 17:21 GMT+03:00 Pesonen, Harri <ha...@sap.com>:
>
> Hello,
>
> the following lists Tomcat versions 8.5.0 – 8.5.12, does it mean that the
problem has been fixed in 8.5.13 and later?
yes
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.13
Regards,
Violeta
>
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2017-5651
>
>
>
> I assume that it has been fixed, as 8.5.13 readme has:
>
>
>
> 60918: Fix sendfile processing error that could lead to subsequent
requests experiencing an IllegalStateException. (markt)
> Improve sendfile handling when requests are pipelined. (markt)
>
>
>
> -Harri