"Craig R. McClanahan" wrote: > [...] > Proposal #1: Release a Tomcat 3.1.1 that fixes *only* the security problems +0. Is removing TC 3.1 from the download pages an alternative? There shouldn't be any reason for anyone to use TC 3.1 now when 3.2 is released. Upgrading to 3.2.1 could be the recommended action for all TC 3.1 users that need to plug the security holes. > Proposal #2: Release a Tomcat 3.2.1 that fixes the following security problems > plus the patches committed to date. +1 Hans -- Hans Bergsten [EMAIL PROTECTED] Gefion Software http://www.gefionsoftware.com Author of JavaServer Pages (O'Reilly), http://TheJSPBook.com
- [SECURITY] Security Vulnerabilities in Tomcat 3.1 and ... Craig R. McClanahan
- Re: [SECURITY] Security Vulnerabilities in Tomcat... Remy Maucherat
- Re: [SECURITY] Security Vulnerabilities in Tomcat... Hans Bergsten
- Re: [SECURITY] Security Vulnerabilities in To... Craig R. McClanahan
- Re: [SECURITY] Security Vulnerabilities i... Jon Stevens
- [PATCH] Jakarta site release page (was: [SECU... Kief Morris
- Re: [SECURITY] Security Vulnerabilities in Tomcat... Jon Stevens
- Re: [SECURITY] Security Vulnerabilities in Tomcat... Nick Bauman
- Re: [SECURITY] Security Vulnerabilities in To... Craig R. McClanahan
- Re: [SECURITY] Security Vulnerabilities in Tomcat... Glenn Nielsen
- Re: [SECURITY] Security Vulnerabilities in To... Craig R. McClanahan
- Re: [SECURITY] Security Vulnerabilities i... Glenn Nielsen