DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42979>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42979 Summary: Fixed JSP and Servlet for CVE-2007-1355 are not included in the sample.war Product: Tomcat 5 Version: 5.5.24 Platform: All URL: http://jakarta.apache.org/tomcat/tomcat-5.5- doc/appdev/sample/sample.war OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Webapps:Documentation AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] The JSP and Servlet which are part of the sample application are not updated in the war file. The sample.war file still contains the old files. So this security hole still exists in the latest tomcat distribution. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
