And just in case! It desn't seem to apply in case you don't have Apache
Server + Apache Tomcat through connector.
-------- Mensaje original --------
Supposing the security vulnerability to be true as it seems (but i
didn't check) means first of all that if you don't have the Tomcat
Manager Aplication working and you don't have more than one web
aplication or at least you don't have any other application proxified
then you don't have to worry.
Anyway you can run tomcat 5.5 with java 1.4 but it needs configuration.
Hope it helps.
Laura McCord escribió:
I currently have Tomcat 5.0.28 installed and we received a security
vulnerability notice pertaining to a "Apache Tomcat Directory Traversal".
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0167.html
We were thinking about upgrading to version 5.5.23 but is it true that
we would have to upgrade our java installation from 1.4 to java 5?
Also, if anyone is familiar with this security vulnerability can you
please explain what this means?
Thanks.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
--
*Rui Monteiro - 616976483 *
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
*Villanueva de la Serena
Pol. Ind. Cagancha, 9
06700 VILLANUEVA DE LA SERENA (Badajoz)
Telf: 924 840962 y Fax: 924 842261 *
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
*Mérida
Avda. de la Juan Carlos I, 11
06800 MERIDA (Badajoz)
Telf: 924 318405 y Fax: 924 387352*
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
*Cáceres
San Vicente de Paúl, esquina a Federico Ballell
10001 CACERES
Telf: 927 246456 y Fax: 927 210986*
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
