CVE-2008-1947 is fixed in 5.5.26-3 See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484643 Look at changes in HTMLHostManagerServlet.java in the diff.gz
-- tomcat <6.0.18: Directory Traversal (CVE-2008-2938) https://bugs.launchpad.net/bugs/256802 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs