You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Paralos Trainings <pa...@gmail.com> on 2017/02/24 15:04:41 UTC
CVE-2017-6056.
I’d like to know if the latest version of Tomcat 7 and Tomcat 8 are
affected by CVE-2017-6056.
If so, when is the update to fix the vulnerability going to be released.
I couldn’t find the reference on any of the vulnerabilities pages:
https://tomcat.apache.org/security.html
Thanks.
PT
RE: CVE-2017-6056.
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Paralos Trainings [mailto:paralostraninigs@gmail.com]
> Subject: CVE-2017-6056.
> I'd like to know if the latest version of Tomcat 7 and Tomcat 8 are
> affected by CVE-2017-6056.
Real Tomcat releases (downloaded from tomcat.apache.org) are not affected. Some 3rd-party repackaged versions do have the problem due to failure on their part to include relevant fixes.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org