[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2007-3382: Handling of cookies containing a ' character
- To: Tomcat Users List <users@xxxxxxxxxxxxxxxxx>
- Subject: Re: CVE-2007-3382: Handling of cookies containing a ' character
- From: Christopher Schultz <chris@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 14 Aug 2007 11:52:22 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark,
Mark Thomas wrote:
> CVE-2007-3382: Handling of cookies containing a ' character
>
> Versions Affected:
> 5.5.0 to 5.5.24
Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include
a fix for this problem given:
> Mitigation:
> Upgrade to 6.0.14
?
Thanks,
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGwc+29CaO5/Lv0PARAug2AJ98oeF8HRLiXIqqzDEazknml6N/pwCgiNkO
+SIMwuOKQWDG0lkT1okzO7I=
=6jSG
-----END PGP SIGNATURE-----