Re: [SECURITY] Security Vulnerabilities in Tomcat 3.1 and 3.2

[Glenn Nielsen]

"Craig R. McClanahan" wrote:
> 
> Over the last three days, a review of published and soon-to-be-published reports
> of security vulnerabilities in Tomcat has uncovered a series of problems in the
> 3.1 final release, and a couple of less serious (but still significant) problems
> in 3.2.  Please vote (quickly) on the following two issues:
> 
> Proposal #1:  Release a Tomcat 3.1.1 that fixes *only* the security problems
> 

+1

> Proposal #2:  Release a Tomcat 3.2.1 that fixes the following security problems
> plus the patches committed to date.
> 

Very shortly I will have some updated documents for configuring Tomcat to use
the Java SecurityManager under various flavors of MS Windows.  I would like
to get this into the 3.2.1 release.

+1 If you can hold off a day so I can get these documents updated

Regards,

Glenn

----------------------------------------------------------------------
Glenn Nielsen             [EMAIL PROTECTED] | /* Spelin donut madder    |
MOREnet System Programming               |  * if iz ina coment.      |
Missouri Research and Education Network  |  */                       |
----------------------------------------------------------------------