https://bz.apache.org/bugzilla/show_bug.cgi?id=60611
Mark Thomas <ma...@apache.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |INVALID --- Comment #2 from Mark Thomas <ma...@apache.org> --- The changes for CVE-2016-6797 only affected the use of ResourceLink to make global resources available to individual web application. It did not affect the direct definition of a resource within a web application. This looks like an issue with the Debian distro. The users@ list is the best place to flush that out if you want feedback from the Tomcat community before opening a Debian bug. If the users@ discussion identifies a Tomcat bug, this issue can be re-opened. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org