https://bz.apache.org/bugzilla/show_bug.cgi?id=60578
--- Comment #4 from Mark Thomas <ma...@apache.org> --- Note the root cause of this in Debian, Ubuntu etc. was back-porting the security fix for CVE-2016-6816 without back-porting the 57544 fix. This made it trivial to trigger the loop described in bug 57544. Without the back-port of the CVE-2016-6816 the loop described in bug 57544 was significantly harder to trigger. The root cause of 57544 has not been identified. It may have been user triggered but it may also have been triggered by an application bug. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
