Author: markt
Date: Sat Feb 21 00:47:09 2009
New Revision: 746426

URL: http://svn.apache.org/viewvc?rev=746426&view=rev
Log:
Propose additional patch to address security concerns
I'm removing Filip's +1 since the patch has changed a fair bit

Modified: tomcat/tc6.0.x/trunk/STATUS.txt Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=746426&r1=746425&r2=746426&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Feb 21 00:47:09 2009 @@ -90,11 +90,12 @@ -1: * Changes required to run with a security manager - http://svn.apache.org/viewvc?rev=721286&view=rev - http://svn.apache.org/viewvc?rev=721704&view=rev - http://svn.apache.org/viewvc?rev=721708&view=rev - http://svn.apache.org/viewvc?rev=721886&view=rev - +1: markt, fhanik + http://svn.apache.org/viewvc?rev=721286&view=rev (original) + http://svn.apache.org/viewvc?rev=721704&view=rev (original) + http://svn.apache.org/viewvc?rev=721708&view=rev (original) + http://svn.apache.org/viewvc?rev=721886&view=rev (original) + http://svn.apache.org/viewvc?rev=746425&view=rev (to address Bill's concerns) + +1: markt 0: billbarker: Haven't tried to break it yet, but the 4th patch potentially offers access to static fields in ELContextImpl and ELResolverImpl that could possibly be exploited by a malicious webapp.
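Review bot: The added r746425 line is annotated only "(to address Bill's concerns)", so the STATUS.txt entry does not itself say which concern the revision closes or how. Readers have to infer it from the unchanged "0: billbarker" line below, which describes possible access to static fields in ELContextImpl and ELResolverImpl by a malicious webapp. Suggest naming that exposure in the annotation, for example "(restricts access to the static fields in ELContextImpl/ELResolverImpl)" if that is what r746425 does. Also suggest marking billbarker's 0 as cast against the four original revisions, since his comment still refers to "the 4th patch" and the entry now lists five, and the vote line was reset to "+1: markt" precisely because the proposal changed.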