[SECURITY] CVE-2024-21733 Apache Tomcat - Information Disclosure

CVE-2023-46589 Apache Tomcat - Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0-M11 to 9.0.43 Apache Tomcat 8.5.7 to 8.5.63 Description: Incomplete POST requests triggered an error response that could contain data from a

Re: [SECURITY] CVE-2024-21733 Apache Tomcat - Information Disclosure

Correcting the CVE reference in the text (the subject line is correct) Mark On 19/01/2024 10:17, Mark Thomas wrote: CVE-2023-21733 Apache Tomcat - Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0-M11 to 9.0.43 Apache

Re: Getting Two times login page issue.

Mohit, Please don't hijack threads. On 1/18/24 20:08, Chaudhary, Mohit wrote: Hello Team , We are facing a issue with the tomcat application login URL , where it is asking twice for login to the user , with first login it will redirect again to the login page , while reentering the

RE: Re: EOL - Tomcat versions

@Mark Thomas, Is it possible to consider that the minimum support time of Apache Tomcat 9.0.X is until 2027 (10 years since Released)? Thanks. On 2024/01/08 08:42:28 Mark Thomas wrote: > > > On 08/01/2024 06:47, i...@flyingfischer.ch wrote: > > https://endoflife.date/tomcat > > > > Am

Apache Tomcat Windows Service fails when running in OpenJDK 11

Hi all, I have been installing and running a Windows Service using Tomcat 9.0.83 on OpenJDK 8 just fine. But when I moved to OpenJDK 11, specifically microsoft-jdk-11.0.21-windows-x64.zip, the Service always fails to start with the following error logged in commons-daemon.log: [2024-01-19

Re: Apache Tomcat Windows Service fails when running in OpenJDK 11

On Fri, Jan 19, 2024 at 4:05 PM Decarbon wrote: > Hi all, > > I have been installing and running a Windows Service using Tomcat 9.0.83 > on OpenJDK 8 just fine. But when I moved to OpenJDK 11, specifically > microsoft-jdk-11.0.21-windows-x64.zip, the Service always fails to start > with the

Re: EOL - Tomcat versions

Francisco, On 1/19/24 14:06, Francisco Dellanio Leite Alencar wrote: Is it possible to consider that the minimum support time of Apache Tomcat 9.0.X is until 2027 (10 years since Released)? Did you take a look at the mailing list thread references? -chris On 2024/01/08 08:42:28 Mark Thomas

Re: EOL - Tomcat versions

On 19/01/2024 19:06, Francisco Dellanio Leite Alencar wrote: @Mark Thomas, Is it possible to consider that the minimum support time of Apache Tomcat 9.0.X is until 2027 (10 years since Released)? I'd say 2027 is a reasonable estimate of the likely EOL date for 9.0.x but I'm not going to