Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

2010-11-23 Thread Mark Thomas
The processing of applying the digital signature to the original e-mail made the patches hard to read. E-mail clients that can process digital signatures should undo this formatting. For those folks with an e-mail client that can't process OpenGPG signed e-mail, the patches have been placed on the

Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

2010-11-23 Thread Mark Thomas
On 22/11/2010 19:52, Konstantin Kolinko wrote:
> 2010/11/22 Mark Thomas :
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
>>
>
> (...)
>
> FYI:
> The patches included in the announcement are hardly readable, because
> th

Re: [SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

2010-11-22 Thread Konstantin Kolinko
2010/11/22 Mark Thomas :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
>

(...)

FYI:
The patches included in the announcement are hardly readable, because the mailing software replaced '-' with '- -' and the start of lines,

[SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

2010-11-22 Thread Mark Thomas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability

Severity: Tomcat 7.0.x - Low, Tomcat 6.0.x - Moderate

Vendor: The Apache Software Foundation

Versions Affected:
- - Tomcat 7.0.0 to 7.0.4
  - Not affected in default configuration.