On 03.10.2016 13:10, André Warnier (tomcat) wrote:
On 03.10.2016 13:03, Vamsavardhana Reddy wrote:
Hi,
Is there a 6.0.x patch for CVE-2016-5388? I do not see it listed in
https://tomcat.apache.org/security-6.html .
Hi.
If you really mean "patch", see
http://tomcat.apache.org/security.html
First paragraph.
Also see
http://tomcat.apache.org/security-6.html#Apache_Tomcat_6.x_vulnerabilities
3rd paragraph
Or do you mean "version" or "release" ?
Also, if you search for "CVE-2016-5388", it leads you to a page with a complete
explanation of what it is about,
and even source code for how to avoid the issue under Tomcat, assuming that it is even
applicable in your case.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
