On 25/06/2015 06:59, Ganesh Bms wrote:
Hi,
As per tomcat's performance tuning doc, 'tcpNoDelay' can be
enabled/disabled at connector level.
Is there a programmatic way to set 'tcpNoDelay' to true for web socket
connections ? I am using tomcat's proprietary web socket APIs in my
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Agharta,
On 6/25/15 2:39 AM, agharta wrote:
On 06/24/2015 06:04 PM, Christopher Schultz wrote: Agharta,
On 6/24/15 11:17 AM, agharta wrote:
Hi all,
A rapid question: colud i place the tomcat 7 catalina-ws.jar
inside a new tomcat 8
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 6/25/15 3:49 AM, Mark Thomas wrote:
On 25/06/2015 07:07, Nikitha Benny wrote:
Hi,
I am confused regarding the 2 security issues CVE-2007-6750 and
CVE-2009-5111.
Can they be tracked to CVE-2012-5568?
All of those CVEs are
Lynch, Charles [USA] wrote:
Seeking guidance on mitigation of
CVE-2014-7810http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810 on
Apache Tomcat 6.0.37. Upgrading to 6.0.43 is not an option for my team at the moment,
and we need to secure our install via other means until the patch can
Lynch, Charles [USA] wrote:
Thank you. I am fairly unfamiliar with Apache as a whole. Simply trying to
address our possible attack surfaces. I appreciate your assistance.
Welcome.
By the way, I found the reference to the article below by entering this on
Google :
CVE-2014-7810 and Tomcat
You are saying a malicious actor would need to be on the server itself to load
an application?
From: André Warnier [a...@ice-sa.com]
Sent: Thursday, June 25, 2015 7:55 AM
To: Tomcat Users List
Subject: [External] Re: CVE-2014-7810 Mitigation
Lynch, Charles [USA]
Thank you. I am fairly unfamiliar with Apache as a whole. Simply trying to
address our possible attack surfaces. I appreciate your assistance.
From: André Warnier [a...@ice-sa.com]
Sent: Thursday, June 25, 2015 8:32 AM
To: Tomcat Users List
Subject: Re:
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need to be on the server itself to load
an application?
Basically yes, or be allowed to load and deploy applications via the Manager application
(which is either not installed, or anyway secured by default)
It is fairly
Seeking guidance on mitigation of
CVE-2014-7810http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810 on
Apache Tomcat 6.0.37. Upgrading to 6.0.43 is not an option for my team at the
moment, and we need to secure our install via other means until the patch can
be applied. If there are any
Le 25 juin 2015 à 10:40, André Warnier a...@ice-sa.com a écrit :
Pascal Abaziou wrote:
Le 25 juin 2015 à 00:23, Mark Eggers its_toas...@yahoo.com.INVALID a
écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 6/24/2015 2:40 PM, André Warnier wrote:
Pascal Abaziou wrote:
Le 25 juin 2015 à 21:45, Pascal Abaziou pascal.abaz...@gmail.com a écrit :
Le 25 juin 2015 à 10:40, André Warnier a...@ice-sa.com
mailto:a...@ice-sa.com a écrit :
Pascal Abaziou wrote:
Le 25 juin 2015 à 00:23, Mark Eggers its_toas...@yahoo.com.INVALID
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
Assuming you have only a single Filter configured in web.xml
Assuming you have logic in a doFilter that checks the value of a boolean.
If the boolean is true, then
Le 25 juin 2015 à 16:16, Christopher Schultz ch...@christopherschultz.net a
écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Pascal,
On 6/25/15 10:01 AM, Christopher Schultz wrote:
Pascal,
On 6/24/15 4:23 PM, Pascal Abaziou wrote:
Hello,
I’m searching for the version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Pascal,
On 6/24/15 4:23 PM, Pascal Abaziou wrote:
Hello,
I’m searching for the version that fixes a bug I’ve on a tomcat
6.0.24 (on redhat). As I do not reproduce it on my windows
workstation with tomcat 6.0.44, I need elements to argue to
On 06/25/2015 04:45 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Agharta,
On 6/25/15 10:30 AM, agharta wrote:
On 06/25/2015 03:51 PM, Christopher Schultz wrote: Agharta,
On 6/25/15 2:39 AM, agharta wrote:
On 06/24/2015 06:04 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Agharta,
On 6/25/15 10:30 AM, agharta wrote:
On 06/25/2015 03:51 PM, Christopher Schultz wrote: Agharta,
On 6/25/15 2:39 AM, agharta wrote:
On 06/24/2015 06:04 PM, Christopher Schultz wrote: Agharta,
On 6/24/15 11:17 AM, agharta wrote:
Hi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Pascal,
On 6/25/15 10:01 AM, Christopher Schultz wrote:
Pascal,
On 6/24/15 4:23 PM, Pascal Abaziou wrote:
Hello,
I’m searching for the version that fixes a bug I’ve on a tomcat
6.0.24 (on redhat). As I do not reproduce it on my windows
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 6/25/15 8:32 AM, André Warnier wrote:
Lynch, Charles [USA] wrote:
You are saying a malicious actor would need to be on the server
itself to load an application?
Basically yes, or be allowed to load and deploy applications via
the
On 06/25/2015 03:51 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Agharta,
On 6/25/15 2:39 AM, agharta wrote:
On 06/24/2015 06:04 PM, Christopher Schultz wrote: Agharta,
On 6/24/15 11:17 AM, agharta wrote:
Hi all,
A rapid question: colud i place the tomcat
Hi All,
I have 2 web apps sitting on single tomcat instance, App A( Classic
JSP/Servlet/jstl/velocity App) and App B (Struts2 based app).
Now I have added S2 to App A and trying to fix some bad code in it with
it.But after making this change I keep getting out of OOM issues once user
count
On 06/24/2015 06:04 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Agharta,
On 6/24/15 11:17 AM, agharta wrote:
Hi all,
A rapid question: colud i place the tomcat 7 catalina-ws.jar inside
a new tomcat 8 installation ?
Why would you want to do something like
On 25/06/2015 07:07, Nikitha Benny wrote:
Hi,
I am confused regarding the 2 security issues CVE-2007-6750
and CVE-2009-5111.
Can they be tracked to CVE-2012-5568?
All of those CVEs are essentially the same issue (slowloris) in
different products.
According to CVE-2012-5568, I
Hi,
I am confused regarding the 2 security issues CVE-2007-6750
and CVE-2009-5111.
Can they be tracked to CVE-2012-5568?
According to CVE-2012-5568, I understand that this is not a vulnerability
in Tomcat. Please confirm.
When Tomcat 7.0.62 was scanned using McAfee Vulnerability Manager Tool,
Pascal Abaziou wrote:
Le 25 juin 2015 à 00:23, Mark Eggers its_toas...@yahoo.com.INVALID a écrit :
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 6/24/2015 2:40 PM, André Warnier wrote:
Pascal Abaziou wrote:
Hello,
I’m searching for the version that fixes a bug I’ve on a tomcat
6.0.24
24 matches
Mail list logo