https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #11 from Mark Thomas <ma...@apache.org> ---
Fixed in:
- trunk for 9.0.0 onwards
- 8.5.x for 8.5.22 onwards
- 8.0.x for 8.0.47 onwards
- 7.0.x for 7.0.82 onwards
I'm on the fence regarding the suggested documentation change. If a sysadmin
doesn't understand what enabling HTTP PUT and/or DELETE means I don't think any
realistic amount of documentation is going to result in a correctly secured
Tomcat instance.
Maybe what we need is a link to the security page from every setting called out
in the security page. Something to ponder / discuss on the dev@ list.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
