You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2013/05/10 10:41:12 UTC
svn propchange: r1417891 - svn:log
Author: markt
Revision: 1417891
Modified property: svn:log
Modified: svn:log at Fri May 10 08:41:12 2013
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri May 10 08:41:12 2013
@@ -1,2 +1,3 @@
+This is the fix for CVE-2013-2067
In FormAuthenticator: If it is configured to change Session IDs,
do the change before displaying the login form.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org