Classification: UNCLASSIFIED Caveats: NONE Thanks....it's kind of hard to understand how to implement this workaround but I will look into it. Appreciate the response.
-----Original Message----- From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] Sent: Wednesday, September 21, 2011 7:02 PM To: Tomcat Users List Subject: Re: Apache Tomcat 5.5.34 Question (UNCLASSIFIED) 2011/9/21 BARRON, HAROLD H CTR DISA EE <harold.barron....@disa.mil>: > > Apache Tomcat AJP Protocol Security Bypass and Information Disclosure > Vulnerability - (CVE-2011-3190): > 1. Mitigation options are listed here: http://tomcat.apache.org/security-5.html http://tomcat.apache.org/security-6.html Both 5.5 and 6.0 have a connector implementation that is not vulnerable to this issue 2. 5.5.34 binaries are already available for testing and have good chances to be officially released in the following days. 6.0.34 release plans have not been discussed (with 6.0.33 being released not so long ago). Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org Classification: UNCLASSIFIED Caveats: NONE
smime.p7s
Description: S/MIME cryptographic signature
