achibear opened a new pull request, #718: URL: https://github.com/apache/tomcat/pull/718
Tomcat 8 fixed the CVE-2024-23672 vulnerability through commit [3631adb1](https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591). However, we have discovered similar unpatched code in Tomcat 7. Should we apply similar code changes to fix the vulnerability in this branch? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org