You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Mladen Turk <mt...@apache.org> on 2010/03/02 10:30:45 UTC
Tagging Tomcat Native 1.2.21
Hi,
I backported mod_ssl's SSLInsecureRenegotiation option
and would like to T&R 1.2.21 with compiled OpenSSL 0.9.8m
that should fully solve the CVE-2009-3555.
ABI is extended to allow checking the OpenSSL feature
supported, so usage would require 1.2.21.
Comments?
Regards
--
^TM
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org