John Caron wrote:
I have a _possible_ bug involving security in Tomcat 5.0.28. I dont see
it in the bug database, although it may be described in a way that I
didnt search for.
I would prefer to send it privately in case its real. If thats not
feasible, I will post it here. Or is there a way to put it in the
database but mark it private?
Can anyone advise?
Security bugs should be sent to [EMAIL PROTECTED] (who will send it
on to the tomcat team). If you send it to me directly I'll take a look
now.
One other point, when sending a message on a new topic to the list,
please don't reply to an old message and change the subject line.
Thread aware mail clients still recognise your "new" message as part
of the old thread. The correct process is to create a new message.
Mark
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
