It has been identified to me by our security group that my Apache Tomcat 6.0.33 has the following vulnerability CVE-2011-3190. There is a link on the Apache Tomcat 6.0 Security page to http://svn.apache.org/viewvc?view=revision&revision=1162959 as a patch.
The link list three files: /tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpAprProcessor.java /tomcat/tc6.0.x/trunk/java/org/apache/coyote/ajp/AjpProcessor.java /tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml There is no trunk or java/org/apache/coyote directory in my installation. Do I add those directories to apply the patch. I am completely new at all of this so all help and direction is appreciated and necessary. Thanks Brendan P Keenan Mainframe Automation CSC Home Office - Columbia, CT USA GOS | Global Enterprise Service Mgmt | 1.860.416.0251 | bkee...@csc.com | www.csc.com This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
