You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Pierre Goupil <go...@gmail.com> on 2008/04/17 02:31:03 UTC

Tomcat security alerts

Hello,

Is there a convenient way to keep in touch with Tomcat (6.0.x) security
vulnerabilities ? I mean, I've browsed through the Tomcat website and I have
found no RSS security feeds, no way of being sent an email when there is a
new release, etc. Is there a way to be informed of this kind of things
without having to regularly browse through the related pages of the Tomcat
website directly ?

Thanks in advance,

Pierre


-- 
A celle qui se souvient de chaque parole prononcée, du premier cri du bébé
au serment du héros. Tu es mon témoin éternel.

Re: Tomcat security alerts

Posted by Mark Thomas <ma...@apache.org>.

Pierre Goupil wrote:
> Is there a convenient way to keep in touch with Tomcat (6.0.x) security
> vulnerabilities ? I mean, I've browsed through the Tomcat website and I have
> found no RSS security feeds, no way of being sent an email when there is a
> new release, etc. Is there a way to be informed of this kind of things
> without having to regularly browse through the related pages of the Tomcat
> website directly ?

Vulnerability announcements are posted to:
- the Tomcat users list
- the Tomcat dev list
- Full Disclosure
- BugTraq

The subject lines will include [SECURITY] and a CVE number.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org