You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "M. Manna" <ma...@gmail.com> on 2018/08/02 09:58:05 UTC

No Official Info on CVE Mitre - CVE-2018-1336

Hello,

Does anyone know if this is fully official yet? NIST and CVE Mitre say that
the ticket is reserved, but tomcat website says that this has been fixed in
newer versions.

I was simply looking for an official explanation on how this has been
identified as a problem.

Regards,

Re: No Official Info on CVE Mitre - CVE-2018-1336

Posted by Mark Thomas <ma...@apache.org>.

On 02/08/18 10:58, M. Manna wrote:
> Hello,
> 
> Does anyone know if this is fully official yet? NIST and CVE Mitre say that
> the ticket is reserved, but tomcat website says that this has been fixed in
> newer versions.
> 
> I was simply looking for an official explanation on how this has been
> identified as a problem.

http://tomcat.apache.org/security.html

Follow the link for the version you are using.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org