On 29/06/2023 14:24, George Angeletos wrote:
Hello,
I presume this only affects setups using AJP connectors - right?
Correct.
Mark
Thanks
George
On Wed, 21 Jun 2023 at 13:21, Mark Thomas wrote:
CVE-2023-34981 Apache Tomcat - Information disclosure
Severity: Important
Vendor: The
Hello,
I presume this only affects setups using AJP connectors - right?
Thanks
George
On Wed, 21 Jun 2023 at 13:21, Mark Thomas wrote:
> CVE-2023-34981 Apache Tomcat - Information disclosure
>
> Severity: Important
>
> Vendor: The Apache Software Foundation
>
> Versions Affected:
> Apache
t Users List
> Subject: Re: [SECURITY] CVE-2023-34981 Apache Tomcat - Information
> disclosure
> Importance: High
>
> Funny thing: we recently needed to update a customer's Tomcat because
> they were complaining about a security issue that had prompted 8.5.88.
>
> And b
Funny thing: we recently needed to update a customer's Tomcat because
they were complaining about a security issue that had prompted 8.5.88.
And by the time we got the update request, 8.5.89 was already out, but
we hadn't yet heard of CVE-2023-34981.
So we'd already skipped over 8.5.88
On 22/06/2023 00:17, Stefan Mayr wrote:
Hi,
Am 21.06.2023 um 12:20 schrieb Mark Thomas:
CVE-2023-34981 Apache Tomcat - Information disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M5
Apache Tomcat 10.1.8
Apache Tomcat 9.0.74
Hi,
Am 21.06.2023 um 12:20 schrieb Mark Thomas:
CVE-2023-34981 Apache Tomcat - Information disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M5
Apache Tomcat 10.1.8
Apache Tomcat 9.0.74
Apache Tomcat 8.5.88
Description:
The fix for
CVE-2023-34981 Apache Tomcat - Information disclosure
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 11.0.0-M5
Apache Tomcat 10.1.8
Apache Tomcat 9.0.74
Apache Tomcat 8.5.88
Description:
The fix for bug 66512 introduced a regression that was fixed