You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by James House <ja...@medibuy.com> on 2000/10/06 19:16:05 UTC

Patch for Tomcat 3.1 - Shutdown Security Hole (Tomcat Killer)

Since this new find is a big security risk, I've made a patch available for
it.

You can download it (and other Tomcat 3.1 patches I've made) at the
following URL:

http://www.interobjective.com/tomcat/tomcatPatches.html

My other patches include:  

Fix for "recursive JSP include" bug.
Fix for insecure session Ids.

James