Supposing the security vulnerability to be true as it seems (but i
didn't check) means first of all that if you don't have the Tomcat
Manager Aplication working and you don't have more than one web
aplication or at least you don't have any other application proxified
then you don't have to worry.
Anyway you can run tomcat 5.5 with java 1.4 but it needs configuration.
Hope it helps.
Laura McCord escribió:
I currently have Tomcat 5.0.28 installed and we received a security
vulnerability notice pertaining to a "Apache Tomcat Directory Traversal".
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0167.html
We were thinking about upgrading to version 5.5.23 but is it true that
we would have to upgrade our java installation from 1.4 to java 5?
Also, if anyone is familiar with this security vulnerability can you
please explain what this means?
Thanks.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
