Ok, thanks for your quick reply.
--
BR,
chris
From: Mark Thomas ma...@apache.org
Sent: Thursday, February 27, 2014 1:53 PM
To: Tomcat Users List
Subject: Re: Are these CVEs fixed in tomcat 7 ?
On 27/02/2014 12:49, Christian Rustøen wrote:
Hi
Based on the apache security reports i dont see any mention of these CVEs b=
eing fixed in tomcat, and as they have a very high score i would like to kn=
ow if they have been fixed.
These are almost 3-4 years old but as i dont see any mention on them in the=
security reports i would still like to know as im planning to use this con=
tainer in an environment where security is very important.
CVE-2011-1571
The above issue is a Liferay vulnerability, not an Apache Tomcat
vulnerability.
CVE-2010-0557
The above issue is a IBM Cognos Express vulnerability, not an Apache
Tomcat vulnerability.
Since neither of the above issues is a vulnerability in Apache Tomcat
you won't find any information on these vulnerabilities at the ASF.
Mark
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
