You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Mladen Turk <mt...@apache.org> on 2010/03/02 10:30:45 UTC

Tagging Tomcat Native 1.2.21

Hi,

I backported mod_ssl's SSLInsecureRenegotiation option
and would like to T&R 1.2.21 with compiled OpenSSL 0.9.8m
that should fully solve the CVE-2009-3555.

ABI is extended to allow checking the OpenSSL feature
supported, so usage would require 1.2.21.


Comments?

Regards
-- 
^TM

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org