[CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing

2007-06-18 Thread Mark Thomas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2007-1358: Apache Tomcat XSS vulnerability in Accept-Language header processing Severity: Low (cross-site scripting) Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.34 Tomcat 5.0.0 to 5.0.30 To

Re: client ssl re-negotiation after invalidating session

2007-06-18 Thread Mark Thomas
atul wrote: > Is there a way in tomcat to re-negotiate client certificate after the http > session has been invalidated (it had been successfully authenticated once > before) in the app. i.e. without closing and starting a new client browser. > I tried accessing request attributes javax.servlet.r

client ssl re-negotiation after invalidating session

2007-06-18 Thread atul
Is there a way in tomcat to re-negotiate client certificate after the http session has been invalidated (it had been successfully authenticated once before) in the app. i.e. without closing and starting a new client browser. I tried accessing request attributes javax.servlet.request.X509Certifica

May Chun Chew/FEA/PEC is out of the office.

2007-06-18 Thread May Chun Chew
I will be out of the office starting 06/19/2007 and will not return until 06/21/2007. For urgent matters, pls contact [EMAIL PROTECTED] Tel: (65)63629461. I am also Contactable at (65)97876648. - To unsubscribe, e-mail: [EMAIL

DO NOT REPLY [Bug 42693] New: - JSP-Generation error with recursive tagfile structure

2007-06-18 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

svn commit: r548385 - in /tomcat/tc6.0.x/trunk/java/javax/persistence: PersistenceContext.java PersistenceContextType.java

2007-06-18 Thread remm
Author: remm Date: Mon Jun 18 08:54:54 2007 New Revision: 548385 URL: http://svn.apache.org/viewvc?view=rev&rev=548385 Log: - Fix API. Submitted by Bill Burke. Added: tomcat/tc6.0.x/trunk/java/javax/persistence/PersistenceContextType.java (with props) Modified: tomcat/tc6.0.x/trunk/jav

DO NOT REPLY [Bug 42691] New: - sessions increase timeout as cluster members join

2007-06-18 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 42689] - no way to timeout new connect attempts for replication sockets

2007-06-18 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 42689] New: - no way to timeout new connect attempts for replication sockets

2007-06-18 Thread bugzilla
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

Tomcat 6.0 on HP Non-Stop Server

2007-06-18 Thread Nagendra, Suveer
Hello, Am in the process of porting Tomcat 6.0.13 servlet container to run on a HP Non-Stop Multi CPU environment. This would mean there would multiple 'servlet container' processes deployed on native deployment mechanisms. This port involves the following tasks: 1. Write connector to the na