On 2023/12/18 17:00:43 Mark Thomas wrote: > On 17/12/2023 16:32, Sean Whitton wrote: > > Hello, > > > > I am working to backport the fix for CVE-2023-46589 to Tomcat version > > 8.0.14, which is what we have in Debian "jessie". This is under the > > Extended LTS project for older Debian releases, run by Freexian SARL. > > <https://www.freexian.com/lts/extended/> > > Sean, > > Am I understanding this request correctly? > > Freexian has sold at least one customer - probably multiple customers - > long term support for Tomcat 8.0.x and has now found that it is unable > to provide that support. > > Feexian's solution to this dilemma is to ask the Tomcat community - who > stopped supporting Tomcat 8.0.x over five years ago in June 2018 - to > provide free support to fill this gap in Freexian's capability to > support Tomcat. > > There are several things that don't seem right about the above so I am > looking forward to you correcting my understanding of the circumstances > of this request.
SCNR: https://unixsheikh.com/articles/the-delusions-of-debian.html --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
