You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2011/10/14 13:11:59 UTC
svn commit: r1183302 - in /tomcat/site/trunk: docs/ xdocs/
Author: kkolinko
Date: Fri Oct 14 11:11:58 2011
New Revision: 1183302
URL: http://svn.apache.org/viewvc?rev=1183302&view=rev
Log:
Update other security pages.
Replaced direct mail@ address with a link to security.html page.
Modified:
tomcat/site/trunk/docs/security-3.html
tomcat/site/trunk/docs/security-4.html
tomcat/site/trunk/docs/security-jk.html
tomcat/site/trunk/docs/security-native.html
tomcat/site/trunk/docs/security.html
tomcat/site/trunk/xdocs/security-3.xml
tomcat/site/trunk/xdocs/security-4.xml
tomcat/site/trunk/xdocs/security-jk.xml
tomcat/site/trunk/xdocs/security-native.xml
tomcat/site/trunk/xdocs/security.xml
Modified: tomcat/site/trunk/docs/security-3.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-3.html?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-3.html (original)
+++ tomcat/site/trunk/docs/security-3.html Fri Oct 14 11:11:58 2011
@@ -246,20 +246,20 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat 3.x. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat the flaw
is known to affect, and where a flaw has not been verified list the
version with a question mark.</p>
-<p>Please send comments or corrections for these vulnerabilities to the
- <a href="mailto:security@tomcat.apache.org">Tomcat Security Team</a>.</p>
-
-
<p>Please note that Tomcat 3 is no longer supported. Further vulnerabilities
in the 3.x branches will not be fixed. Users should upgrade to 5.5.x,
6.x or 7.x to obtain security fixes.</p>
+
+<p>Please send comments or corrections for these vulnerabilities to the
+ <a href="security.html">Tomcat Security Team</a>.</p>
+
</blockquote>
</p>
Modified: tomcat/site/trunk/docs/security-4.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-4.html?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-4.html (original)
+++ tomcat/site/trunk/docs/security-4.html Fri Oct 14 11:11:58 2011
@@ -267,20 +267,26 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat 4.x. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat the flaw
is known to affect, and where a flaw has not been verified list the
version with a question mark.</p>
-<p>Please send comments or corrections for these vulnerabilities to the
- <a href="mailto:security@tomcat.apache.org">Tomcat Security Team</a>.</p>
+<p>
+<strong>Note:</strong> Vulnerabilities that are not Tomcat vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
<p>Please note that Tomcat 4.0.x and 4.1.x are no longer supported. Further
vulnerabilities in the 4.0.x and 4.1.x branches will not be fixed. Users
should upgrade to 5.5.x, 6.x or 7.x to obtain security fixes.</p>
+
+<p>Please send comments or corrections for these vulnerabilities to the
+ <a href="security.html">Tomcat Security Team</a>.</p>
+
</blockquote>
</p>
Modified: tomcat/site/trunk/docs/security-jk.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-jk.html?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-jk.html (original)
+++ tomcat/site/trunk/docs/security-jk.html Fri Oct 14 11:11:58 2011
@@ -231,7 +231,7 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat Jk Connectors. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat JK
Connectors the flaw is known to affect, and where a flaw has not been
verified list the version with a question mark.</p>
@@ -239,7 +239,7 @@
<p>This page has been created from a review of the Apache Tomcat archives
and the CVE list. Please send comments or corrections for these
- vulnerabilities to the <a href="mailto:security@tomcat.apache.org">Tomcat
+ vulnerabilities to the <a href="security.html">Tomcat
Security Team</a>.</p>
Modified: tomcat/site/trunk/docs/security-native.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security-native.html?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security-native.html (original)
+++ tomcat/site/trunk/docs/security-native.html Fri Oct 14 11:11:58 2011
@@ -222,15 +222,21 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat APR/native Connector. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat APR/native
Connectors the flaw is known to affect, and where a flaw has not been
verified list the version with a question mark.</p>
+<p>
+<strong>Note:</strong> Vulnerabilities that are not Tomcat vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
+
+
<p>This page has been created from a review of the Apache Tomcat archives
and the CVE list. Please send comments or corrections for these
- vulnerabilities to the <a href="mailto:security@tomcat.apache.org">Tomcat
+ vulnerabilities to the <a href="security.html">Tomcat
Security Team</a>.</p>
Modified: tomcat/site/trunk/docs/security.html
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/docs/security.html?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/docs/security.html (original)
+++ tomcat/site/trunk/docs/security.html Fri Oct 14 11:11:58 2011
@@ -316,7 +316,7 @@
</ul>
-<p>should be address to the users mailing list. Please see the
+<p>should be addressed to the users mailing list. Please see the
<a href="lists.html">mailing lists</a> page for details of how to
subscribe.</p>
Modified: tomcat/site/trunk/xdocs/security-3.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-3.xml?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-3.xml (original)
+++ tomcat/site/trunk/xdocs/security-3.xml Fri Oct 14 11:11:58 2011
@@ -16,18 +16,18 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat 3.x. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat the flaw
is known to affect, and where a flaw has not been verified list the
version with a question mark.</p>
- <p>Please send comments or corrections for these vulnerabilities to the
- <a href="mailto:security@tomcat.apache.org">Tomcat Security Team</a>.</p>
-
<p>Please note that Tomcat 3 is no longer supported. Further vulnerabilities
in the 3.x branches will not be fixed. Users should upgrade to 5.5.x,
6.x or 7.x to obtain security fixes.</p>
+ <p>Please send comments or corrections for these vulnerabilities to the
+ <a href="security.html">Tomcat Security Team</a>.</p>
+
</section>
<section name="Not fixed in Apache Tomcat 3.x">
Modified: tomcat/site/trunk/xdocs/security-4.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-4.xml?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-4.xml (original)
+++ tomcat/site/trunk/xdocs/security-4.xml Fri Oct 14 11:11:58 2011
@@ -16,18 +16,22 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat 4.x. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat the flaw
is known to affect, and where a flaw has not been verified list the
version with a question mark.</p>
- <p>Please send comments or corrections for these vulnerabilities to the
- <a href="mailto:security@tomcat.apache.org">Tomcat Security Team</a>.</p>
+ <p><strong>Note:</strong> Vulnerabilities that are not Tomcat vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
<p>Please note that Tomcat 4.0.x and 4.1.x are no longer supported. Further
vulnerabilities in the 4.0.x and 4.1.x branches will not be fixed. Users
should upgrade to 5.5.x, 6.x or 7.x to obtain security fixes.</p>
+ <p>Please send comments or corrections for these vulnerabilities to the
+ <a href="security.html">Tomcat Security Team</a>.</p>
+
</section>
<section name="Will not be fixed in Apache Tomcat 4.1.x">
Modified: tomcat/site/trunk/xdocs/security-jk.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-jk.xml?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-jk.xml (original)
+++ tomcat/site/trunk/xdocs/security-jk.xml Fri Oct 14 11:11:58 2011
@@ -16,14 +16,14 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat Jk Connectors. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat JK
Connectors the flaw is known to affect, and where a flaw has not been
verified list the version with a question mark.</p>
<p>This page has been created from a review of the Apache Tomcat archives
and the CVE list. Please send comments or corrections for these
- vulnerabilities to the <a href="mailto:security@tomcat.apache.org">Tomcat
+ vulnerabilities to the <a href="security.html">Tomcat
Security Team</a>.</p>
</section>
Modified: tomcat/site/trunk/xdocs/security-native.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security-native.xml?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security-native.xml (original)
+++ tomcat/site/trunk/xdocs/security-native.xml Fri Oct 14 11:11:58 2011
@@ -16,14 +16,18 @@
<p>This page lists all security vulnerabilities fixed in released versions
of Apache Tomcat APR/native Connector. Each vulnerability is given a
<a href="security-impact.html">security impact rating</a> by the Apache
- Tomcat security team - please note that this rating may vary from
+ Tomcat security team — please note that this rating may vary from
platform to platform. We also list the versions of Apache Tomcat APR/native
Connectors the flaw is known to affect, and where a flaw has not been
verified list the version with a question mark.</p>
+ <p><strong>Note:</strong> Vulnerabilities that are not Tomcat vulnerabilities
+ but have either been incorrectly reported against Tomcat or where Tomcat
+ provides a workaround are listed at the end of this page.</p>
+
<p>This page has been created from a review of the Apache Tomcat archives
and the CVE list. Please send comments or corrections for these
- vulnerabilities to the <a href="mailto:security@tomcat.apache.org">Tomcat
+ vulnerabilities to the <a href="security.html">Tomcat
Security Team</a>.</p>
</section>
Modified: tomcat/site/trunk/xdocs/security.xml
URL: http://svn.apache.org/viewvc/tomcat/site/trunk/xdocs/security.xml?rev=1183302&r1=1183301&r2=1183302&view=diff
==============================================================================
--- tomcat/site/trunk/xdocs/security.xml (original)
+++ tomcat/site/trunk/xdocs/security.xml Fri Oct 14 11:11:58 2011
@@ -75,7 +75,7 @@
<li>obtaining further information on a published vulnerability</li>
<li>availability of patches and/or new releases</li>
</ul>
- <p>should be address to the users mailing list. Please see the
+ <p>should be addressed to the users mailing list. Please see the
<a href="lists.html">mailing lists</a> page for details of how to
subscribe.</p>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org