Author: mturk
Date: Sat Oct 4 23:54:33 2008
New Revision: 701752
URL: http://svn.apache.org/viewvc?rev=701752&view=rev
Log:
Note the correct comment
Modified:
tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c
Modified: tomcat/connectors/trunk/jk/native/common/jk_ajp_common.c
URL:
ht
Author: mturk
Date: Sat Oct 4 23:53:20 2008
New Revision: 701751
URL: http://svn.apache.org/viewvc?rev=701751&view=rev
Log:
When doing get_endpoint() try to return the connected endpoints first. In
send_request() we were doing exactly this when we got the endpoint, so need for
double cache lock
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at [EMAIL PROTECTED]
Project jakarta-tomcat has an issue affecting its community integration.
This issue affec
David Tyler wrote:
> Given the widespread and increasing nature of this exploit, I think it would
> be prudent of the tomcat devs to alter the default installation to disable
> the tomcat manager by default or otherwise somehow require a non-default
> password to be set. True, this is not a bug
There are increasing reports starting in July of 2008 and rising through August
and September of an active exploit involving the default credentials for the
tomcat manager app (not version specific).
I am writing to suggest the the tomcat devs take some simple steps to help
prevent novice user
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at [EMAIL PROTECTED]
Project jakarta-tomcat has an issue affecting its community integration.
This issue affec
