[Bug 65444] Jakarta EE?

2021-07-12 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=65444 --- Comment #3 from Christopher Schultz --- And nobody mentioned: 1. Bugzilla is not a support forum. Bring this discussion to the users@ list. 2. (And this is a big one) TOMCAT PROVIDES AN AUTOMATED CONVERSION TOOL FROM YOUR OLD RUSTY JAVA E

[GitHub] [tomcat] pachulisk opened a new pull request #433: Fix typo

2021-07-12 Thread GitBox
pachulisk opened a new pull request #433: URL: https://github.com/apache/tomcat/pull/433 Add missing words

RE: [SECURITY] CVE-2021-30639 Apache Tomcat DoS

2021-07-12 Thread jonmcalexander
Corrected Numbers. Subtract 3667 desktops from the 8.5.64 numbers. 8.5.64 DISCOVERED_VERSION (Multiple Items) ASSET_CLAS_DS DESKTOP Row Labels Count of CI_NM_HOST (blank) 3667 Grand Total 3667 Distributed Servers: DISCOVERED_VERSION (Multiple Items) ASSET_CLAS_DS DISTRIBUTED

[tomcat] branch 10.0.x updated: Add release date for 10.0.8

2021-07-12 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.0.x by this push: new 3cefc1c Add release date for 10.0.8 3cefc1c is d

[SECURITY] CVE-2021-30640 Apache Tomcat JNDI realm authentication weakness

2021-07-12 Thread Mark Thomas
CVE-2021-30640 JNDI Realm Authentication Weakness Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.5 Apache Tomcat 9.0.0.M1 to 9.0.45 Apache Tomcat 8.5.0 to 8.5.65 Apache Tomcat 7.0.0 to 7.0.108 Description: Queries made by the JNDI Realm

[SECURITY] CVE-2021-33037 Apache Tomcat HTTP request smuggling

2021-07-12 Thread Mark Thomas
CVE-2021-33037 HTTP request smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.6 Apache Tomcat 9.0.0.M1 to 9.0.46 Apache Tomcat 8.5.0 to 8.5.66 Description: Apache Tomcat did not correctly parse the HTTP transfer-encoding req

[SECURITY] CVE-2021-30639 Apache Tomcat DoS

2021-07-12 Thread Mark Thomas
CVE-2021-30639 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.3 to 10.0.4 Apache Tomcat 9.0.44 Apache Tomcat 8.5.64 Description: An error introduced as part of a change to improve error handling during non-blocking I/O meant

svn commit: r1891484 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs

2021-07-12 Thread markt
Author: markt Date: Mon Jul 12 13:02:22 2021 New Revision: 1891484 URL: http://svn.apache.org/viewvc?rev=1891484&view=rev Log: Add details of CVE-2021-30639, CVE-2021-20640 & CVE-2021-33037 Modified: tomcat/site/trunk/docs/security-10.html tomcat/site/trunk/docs/security-7.html tomcat