Package: tomcat4 Version: 4.1.31-3 Hi,
According to this... http://www.frsirt.com/english/advisories/2007/1729 ...upstream versions of tomcat 4 prior to 4.1.36 have vulnerabilities that can allow someone to "bypass security restrictions or execute arbitrary scripting code". Do these apply to tomcat4 in Sarge? If so, will a fixed debian package be released? -- -Mike Horansky, ITSS/Unix Systems and Applications [EMAIL PROTECTED] OPINIONS EXPRESSED BY ME ARE NOT NECESSARILY SHARED BY MY EMPLOYERS. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
