announce  

Messages by Thread

• [ANN] Apache Tomcat 7.0.63 released Violeta Georgieva
• [ANN] End of life for Apache Tomcat 6.0.x Mark Thomas
• [ANN] Apache Tomcat 8.0.23 available Mark Thomas
• [ANN] Apache Tomcat 7.0.62 released Violeta Georgieva
• [SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass Mark Thomas
• [ANN] Apache Tomcat 6.0.44 available Mark Thomas
• [ANN] Apache Tomcat 8.0.22 available Mark Thomas
• [SECURITY] CVE-2014-0230: Apache Tomcat DoS Mark Thomas
• [ANN] Apache Tomcat 7.0.61 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.21 available Mark Thomas
• [ANN] Apache Tomcat Native 1.1.33 released Mark Thomas
• [ANN] Apache Standard Taglib 1.2.5 released Jeremy Boynes
• [ANN} Apache Standard Taglib 1.2.3 released Jeremy Boynes
• [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags Jeremy Boynes
• [ANN] Apache Tomcat 8.0.20 available Mark Thomas
• [ANN] Apache Tomcat 7.0.59 released Violeta Georgieva
• [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling Mark Thomas
• [ANN] Apache Tomcat 8.0.18 available Mark Thomas
• [ANN] Apache Tomcat 8.0.17 available Mark Thomas
• [ANN] Apache Tomcat 6.0.43 released Mark Thomas
• [ANN] Apache Tomcat 7.0.57 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.15 available Mark Thomas
• [ANN] Apache Tomcat Native 1.1.32 released Mark Thomas
  • Re: [ANN] Apache Tomcat Native 1.1.32 released Mark Thomas
• [ANN] Apache Tomcat 7.0.56 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.14 available Mark Thomas
• [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat Mark Thomas
• [ANN] Apache Tomcat 8.0.12 available Mark Thomas
• [ANN] Apache Tomcat 8.0.11 (stable) available Mark Thomas
• [ANN] Apache Tomcat 7.0.55 released Violeta Georgieva
• [ANN] Apache Tomcat Native 1.1.31 released Mark Thomas
• [ANN] Apache Tomcat 8.0.9 (stable) available Mark Thomas
• [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure Mark Thomas
• [SECURITY] CVE-2014-0095 Apache Tomcat denial of service Mark Thomas
• [SECURITY] CVE-2014-0075 Apache Tomcat denial of service Mark Thomas
• [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure Mark Thomas
• [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure Mark Thomas
  • Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure Mark Thomas
• [ANN] Apache Tomcat 7.0.54 released Violeta Georgieva
• [ANN] Apache Tomcat 6.0.41 released Mark Thomas
• [ANN] Apache Tomcat 8.0.8 (beta) available Mark Thomas
• [ANN] Apache Tomcat Native 1.1.30 released Mladen Turk
• [ANN] Apache Tomcat Connectors 1.2.40 released Mladen Turk
• [ANN] Apache Tomcat 7.0.53 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.5 (beta) available Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.39 released Mladen Turk
• Apache Tomcat Summit Mark Thomas
• [SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications Mark Thomas
• [SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure) Mark Thomas
• [SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled Mark Thomas
• [SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service) Mark Thomas
• [ANN] Apache Tomcat 7.0.52 released Violeta Georgieva
• [SECURITY] CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS Mark Thomas
• [ANN] Apache Tomcat 8.0.1 (beta) available Mark Thomas
• [ANN] Apache Tomcat 6.0.39 released Mark Thomas
• [ANN] Apache Standard Taglib 1.2.1 released Jeremy Boynes
• [ANN] Apache Tomcat 7.0.50 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.0-RC10 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 7.0.47 released Violeta Georgieva
• [ANN] Apache Tomcat 8.0.0-RC5 (alpha) available Mark Thomas
• [ANN] Apache Tomcat Native 1.1.29 released Mladen Turk
• [ANN] Apache Tomcat 8.0.0-RC3 (alpha) available Mark Thomas
• [ANN] Apache Tomcat Native 1.1.28 released Mladen Turk
• [ANN] Apache Tomcat 8.0.0-RC1 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 7.0.42 released Mark Thomas
• [ANN] Apache Tomcat 7.0.41 released Mark Thomas
• CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException Mark Thomas
• [ANN] Apache Tomcat 7.0.40 released Mark Thomas
• [SECURITY] CVE-2013-2067 Session fixation with FORM authenticator Mark Thomas
• [SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited Mark Thomas
• [ANN] Apache Tomcat 6.0.37 released Jean-Frederic Clere
• [ANN] Apache Tomcat 7.0.39 released Mark Thomas
• [ANN] Apache Tomcat 7.0.37 released Mark Thomas
• [ANN] Apache Tomcat Native 1.1.27 released Mladen Turk
• [ANN] Apache Tomcat 7.0.35 released Mark Thomas
• [ANN] Apache Tomcat 7.0.34 released Mark Thomas
• CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter Mark Thomas
• CVE-2012-3546 Apache Tomcat Bypass of security constraints Mark Thomas
• CVE-2012-4534 Apache Tomcat denial of service Mark Thomas
• [ANN] Apache Tomcat 7.0.33 released Mark Thomas
• Fwd: [ANN] Apache Tomcat 6.0.36 released Mark Thomas
• [SECURITY] CVE-2012-3439 Apache Tomcat DIGEST authentication weaknesses Mark Thomas
• [SECURITY] CVE-2012-2733 Apache Tomcat Denial of Service Mark Thomas
• [ANN] Apache Tomcat 5.5.36 released Mark Thomas
• [ANN] Apache Tomcat 7.0.32 released Mark Thomas
• [ANN] Apache Tomcat Maven Plugin 2.0 Olivier Lamy
• [ANN] Apache Tomcat 7.0.30 released Mark Thomas
• [ANN] Apache Tomcat 7.0.29 released Mark Thomas
• [ANN] Apache Tomcat 7.0.28 released Mark Thomas
• [ANN] Apache Tomcat Native 1.1.24 released Mladen Turk
• [ANN] Apache Tomcat Connectors 1.2.37 released Mladen Turk
• [ANN] Apache Tomcat Connectors 1.2.36 released Mladen Turk
• [ANN] Apache Tomcat 7.0.27 released Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.35 released Mladen Turk
• [ANN] Apache Tomcat Connectors 1.2.33 stability issue Mladen Turk
• [ANN] Apache Tomcat Connectors 1.2.33 released Mladen Turk
• [ANN] Apache Tomcat Native 1.1.23 released Mladen Turk
• [ANN] Apache Tomcat 7.0.26 released Mark Thomas
• [ANN] Apache Tomcat 7.0.25 released Mark Thomas
• [SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service Mark Thomas
• [SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure Mark Thomas
• [SECURITY] Apache Tomcat and the hashtable collision DoS vulnerability Mark Thomas
• [ANN] Apache Tomcat 6.0.35 released Jean-Frederic Clere
• [ANN] Apache Tomcat 7.0.23 released Mark Thomas
• [SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via Manager app Mark Thomas
• [ANN] Apache Tomcat 7.0.22 released Mark Thomas
• [SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication Mark Thomas
• [ANN] Apache Tomcat 7.0.21 released Mark Thomas
• [SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure Mark Thomas
• [ANN] Apache Tomcat 6.0.33 released Jean-Frederic Clere
• [SECURITY] CVE-2011-2481: Apache Tomcat information disclosure vulnerability Mark Thomas
• [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat) Mark Thomas
• [ANN] Apache Tomcat 7.0.20 released Mark Thomas
• [ANN] End of life for Apache Tomcat 5.5.x Mark Thomas
  • Re: [ANN] End of life for Apache Tomcat 5.5.x Mark Thomas
• [ANN] Apache Tomcat Native 1.1.22 released Jean-Frederic Clere
• [ANN] Apache Tomcat 7.0.19 released Mark Thomas
• [SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.32 released Mladen Turk
• [SECURITY] CVE-2011-2204 - Apache Tomcat information disclosure Mark Thomas
• [ANN] Apache Tomcat 7.0.16 released Mark Thomas
• [SECURITY] CVE-2011-1582 Apache Tomcat security constraint bypass Mark Thomas
• [ANN] Apache Tomcat 7.0.14 released markt
• [SECURITY] CVE-2011-1475 Apache Tomcat information disclosure Mark Thomas
• [SECURITY] CVE-2011-1183 Apache Tomcat security constraint bypass Mark Thomas
• [ANN] Apache Tomcat 7.0.12 released Mark Thomas
• [SECURITY] CVE-2011-1088 Apache Tomcat security constraint bypass Mark Thomas
• [ANN] Apache Tomcat 7.0.11 released Mark Thomas
• [ANN] Apache Tomcat 7.0.10 released Mark Thomas
• [SECURITY] Tomcat 7 ignores @ServletSecurity annotations Mark Thomas
  • [SECURITY] Tomcat 7 ignores @ServletSecurity annotations Mark Thomas
• [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability Mark Thomas
• [SECURITY] CVE-2011-0534 Apache Tomcat DoS vulnerability Mark Thomas
• [SECURITY] Oracle JVM bug causes denial of service in Apache Tomcat Mark Thomas
• [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions Mark Thomas
  • [SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions Mark Thomas
• [ANN] Apache Tomcat 7.0.8 released Mark Thomas
• [ANN] Apache Tomcat 6.0.32 released Jean-Frederic Clere
• [ANN] Apache Tomcat 7.0.6 released Mark Thomas
• [ANN] Apache Tomcat 6.0.30 released Jean-Frederic Clere
• [ANN] Apache Tomcat 7.0.5 beta released Mark Thomas
• [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability Mark Thomas
  • Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.31 released Mladen Turk
• [ANN] Apache Tomcat 7.0.4 beta released Mark Thomas
• [ANN] Apache Tomcat 7.0.2 beta released Mark Thomas
• [ANN] Apache Tomcat 6.0.29 released Jean-Frederic Clere
• win an i phone sameer ch
• [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability Mark Thomas
• [ANN] Apache Tomcat 5.5.30 released Jim Jagielski
• [ANN] Apache Tomcat 6.0.28 released Jean-Frederic Clere
• [ANN] Tomcat blog now available Mark Thomas
• [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability Mark Thomas
• [ANN] Apache Tomcat 5.5.29 released Mark Thomas
• [ANN] Apache Tomcat 6.0.26 released Jean-Frederic Clere
• [SECURITY] CVE-2009-2693 Apache Tomcat unexpected file deletion and/or alteration Mark Thomas
• [SECURITY] CVE-2009-2902 Apache Tomcat unexpected file deletion in work directory Mark Thomas
• [SECURITY] CVE-2009-2901 Apache Tomcat insecure partial deploy after failed undeploy Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.30 released Mladen Turk
• [ANN] Apache Tomcat Native 1.1.19 released Mladen Turk
• [ANN] Apache Tomcat 6.0.24 released jfclere
• [SECURITY] CVE-2009-3555 SSL Man-In-The-Middle attack - Status update Mark Thomas
• [SECURITY] CVE-2009-3555 SSL Man-In-The-Middle attack Mark Thomas
• [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password Mark Thomas
• [Fwd: [ANN] Apache Tomcat 5.5.28 released] Mark Thomas
• [ANN] Apache Tomcat 4.1.40 stable is now available Mark Thomas
• [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability Mark Thomas
• [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability Mark Thomas
• [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication Mark Thomas
• [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure Mark Thomas
• [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication Mark Thomas
• [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector Mark Thomas
• [ANN] New Tomcat announce list Mark Thomas

• Later messages