You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Angus Yiu <ay...@datapipe.com> on 2011/11/16 03:58:48 UTC
Apache Tomcat 6.0.34
Hello,
We hit Authentication bypass and information disclosure CVE-2011-3190 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190> in tomcat 6.0.32
May i know when Tomcat 6.0.34 will be release?
Regards,
Angus
________________________________
This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/about-us-legal-email-disclaimer.htm for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
Re: Apache Tomcat 6.0.34
Posted by Konstantin Kolinko <kn...@gmail.com>.
2011/11/16 Konstantin Kolinko <kn...@gmail.com>:
> 2011/11/16 Angus Yiu <ay...@datapipe.com>:
>>
>>
>> Hello,
>>
>> We hit Authentication bypass and information disclosure CVE-2011-3190 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190> in tomcat 6.0.32
>> May i know when Tomcat 6.0.34 will be release?
>>
>
> Tag and release candidates are already done and vote is currently in progress.
>
> Once voting ends (usually 3 days) and there are no blocking issues (no
> negative votes) and at least 3 +1 votes, the same binaries are
> published as a release.
>
> If you want to help testing, you may download the release candidate.
> See "[VOTE]" thread on dev@.
>
Unfortunately 6.0.34 is broken.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Tomcat 6.0.34
Posted by Konstantin Kolinko <kn...@gmail.com>.
2011/11/16 Angus Yiu <ay...@datapipe.com>:
>
>
> Hello,
>
> We hit Authentication bypass and information disclosure CVE-2011-3190 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190> in tomcat 6.0.32
> May i know when Tomcat 6.0.34 will be release?
>
Tag and release candidates are already done and vote is currently in progress.
Once voting ends (usually 3 days) and there are no blocking issues (no
negative votes) and at least 3 +1 votes, the same binaries are
published as a release.
If you want to help testing, you may download the release candidate.
See "[VOTE]" thread on dev@.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org