On 30/10/2013 04:09, kanishk.se...@accenture.com wrote: > Hi Team, > > As per our security team we need to install the below patches on > multiple servers to remove vulnerabilities.
This is a question for the users list, not the dev list. You should read this: http://www.catb.org/esr/faqs/smart-questions.html before you post your question to the users list. Mark > Below is the information we have received from our security team, > Need your support to have a detailed impact analysis on the > compatibility of the below patches. > > Apache Tomcat is a container for Java Servlet and Java Server Pages > Web applications. Multiple vulnerabilities present in some versions > of Apache Tomcat could lead to denial of service. Multiple flaws are > present in Tomcat, which fails to handle invalid Transfer-Encoding > header request that prevents buffer recycling. Successful > exploitation could allow an attacker to gain sensitive information or > cause a denial of service condition on the affected system. > > http://svn.apache.org/viewvc?view=revision&revision=958911 > http://svn.apache.org/viewvc?view=revision&revision=958977 > http://svn.apache.org/viewvc?view=revision&revision=959428 > http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151 > > http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2012-05-584&actionBtn=Search > > Regards Kanishk Sethi > > ________________________________ > > This message is for the designated recipient only and may contain > privileged, proprietary, or otherwise confidential information. If > you have received it in error, please notify the sender immediately > and delete the original. Any other use of the e-mail by you is > prohibited. Where allowed by local law, electronic communications > with Accenture and its affiliates, including e-mail and instant > messaging (including content), may be scanned by our systems for the > purposes of information security and assessment of internal > compliance with Accenture policy. . > ______________________________________________________________________________________ > > www.accenture.com > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
