announce  

Messages by Thread

• [ANN] Apache Tomcat Native 1.2.37 released Mark Thomas
• [ANN] Apache Tomcat Native 2.0.4 released Mark Thomas
• [SECURITY] CVE-2023-28709 Apache Tomcat - Fix for CVE-2023-24998 was incomplete Mark Thomas
• [ANN] Apache Tomcat 8.5.89 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.75 available Rémy Maucherat
• [ANN] Apache Tomcat 11.0.0-M6 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 10.1.8 available Christopher Schultz
• [ANN] Apache Tomcat 8.5.88 available Christopher Schultz
• [ANN] Apache Tomcat 11.0.0-M5 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.74 available Rémy Maucherat
• [SECURITY] CVE-2023-28708 Apache Tomcat - Information Disclosure Mark Thomas
• [ANN] Apache Tomcat 11.0.0-M4 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 10.1.7 available Christopher Schultz
• [ANN] Apache Tomcat 8.5.87 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.73 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.6 available Christopher Schultz
• [ANN] Apache Tomcat 8.5.86 available Christopher Schultz
• [ANN] Apache Tomcat 11.0.0-M3 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.72 available Rémy Maucherat
• [SECURITY] CVE-2023-24998 Apache Tomcat - FileUpload DoS with excessive parts Mark Thomas
  • [SECURITY] CVE-2023-24998 Apache Tomcat - FileUpload DoS with excessive parts Mark Thomas
• [ANN] Apache Tomcat Native 2.0.3 released Mark Thomas
• [ANN] Apache Tomcat Native 1.2.36 released Mark Thomas
• [ANN] Apache Tomcat 10.1.5 available Mark Thomas
• [ANN] Apache Tomcat 8.5.85 available [CORRECTION] Christopher Schultz
• [ANN] Apache Tomcat 9.0.71 available Rémy Maucherat
• [SECURITY] CVE-2022-45143 Apache Tomcat - JsonErrorReportValve injection Mark Thomas
• [ANN] End of life for Apache Tomcat 8.5.x Mark Thomas
• [ANN] Apache Tomcat 10.1.4 available Mark Thomas
• [ANN] Apache Tomcat 11.0.0-M1 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.70 available Rémy Maucherat
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.6 Mark Thomas
• [ANN] Apache Tomcat 8.5.84 available Christopher Schultz
  • [ANN] Apache Tomcat 8.5.84 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.69 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.2 available Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.5 Mark Thomas
• [ANN] Apache Tomcat Native 2.0.2 released Mark Thomas
• [SECURITY] CVE-2022-42252 Apache Tomcat - Request Smuggling Mark Thomas
• [ANN] Apache Tomcat 10.1.1 available Mark Thomas
• [ANN] Apache Tomcat 8.5.83 available Mark Thomas
• [ANN] Apache Tomcat 10.0.27 available Mark Thomas
• [ANN] Apache Tomcat 9.0.68 available Mark Thomas
• [SECURITY] CVE-2021-43980 Apache Tomcat - Information Disclosure Mark Thomas
• [ANN] Apache Tomcat 10.0.26 available Mark Thomas
• [ANN] Apache Tomcat 9.0.67 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.0 (stable) available Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.4 Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.3 Mark Thomas
• [ANN] Apache Tomcat 8.5.82 available Christopher Schultz
• [ANN] Apache Tomcat 10.0.23 available Mark Thomas
• [ANN] Apache Tomcat 9.0.65 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.0-M17 (beta) available Mark Thomas
• [ANN] Apache Tomcat Native 2.0.1 released Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.1 Mark Thomas
• [SECURITY] CVE-2022-34305 Apache Tomcat - XSS in examples web application Mark Thomas
• [ANN] Apache Tomcat Native 1.2.34 released Mark Thomas
• [ANN] Apache Tomcat 8.5.81 available Christopher Schultz
• [ANN] Apache Tomcat 10.0.22 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M16 (beta) available Mark Thomas
• [ANN] Apache Tomcat 9.0.64 available Rémy Maucherat
• [ANN] Apache Tomcat 8.5.79 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.63 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.21 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M15 (alpha) available Mark Thomas
• [SECURITY] CVE-2022-25762 Apache Tomcat - Request Mix-up Mark Thomas
• [SECURITY] CVE-2022-29885 Apache Tomcat EncryptInterceptor DoS Mark Thomas
• [ANN] Apache Tomcat Native 1.2.33 released Mark Thomas
• [ANN] Apache Tomcat 8.5.78 available Mark Thomas
• [ANN] Apache Tomcat 9.0.62 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.20 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M14 (alpha) available Mark Thomas
• [ANN] Apache Tomcat Native 1.2.32 released Mark Thomas
• [ANN] Apache Tomcat 8.5.77 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.60 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.18 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M12 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.59 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.0-M11 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 10.0.17 available Mark Thomas
• [SECURITY] CVE-2022-23181 Apache Tomcat Local Privilege Escalation Mark Thomas
• [ANN] Apache Tomcat 10.0.16 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M10 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.58 available Rémy Maucherat
• [ANN] Apache Tomcat 8.5.75 available Christopher Schultz
  • [ANN] Apache Tomcat 8.5.75 available Christopher Schultz
• [SECURITY] Apache Tomcat and CVE-2021-44228 (Log4j vulnerability) Mark Thomas
• [ANN] Apache Tomcat 9.0.56 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.14 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M8 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 8.5.73 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.55 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.13 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M7 (alpha) available Mark Thomas
• [SECURITY] CVE-2021-42340 Apache Tomcat DoS Mark Thomas
• PROVIDSD-9581 [ANN] Apache Tomcat 8.5.72 available schu...@apache.org
• [ANN] Apache Tomcat 8.5.72 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.54 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.12 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M6 (alpha) available Mark Thomas
• [SECURITY] CVE-2021-41079 Apache Tomcat DoS Mark Thomas
• [ANN] Tomcat 8.5.71 Released Christopher Schultz
• [ANN] Apache Tomcat 9.0.53 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.0-M5 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 10.0.11 available Mark Thomas
• [ANN] Apache Tomcat Native 1.2.31 released Mark Thomas
• [ANN] Apache Tomcat 8.5.70 available Mark Thomas
• [ANN] Apache Tomcat 9.0.52 available Rémy Maucherat
• [ANN] Apache Tomcat 10.1.0-M4 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 10.0.10 available Mark Thomas
• [SECURITY] CVE-2021-30640 Apache Tomcat JNDI realm authentication weakness Mark Thomas
• [SECURITY] CVE-2021-33037 Apache Tomcat HTTP request smuggling Mark Thomas
• [SECURITY] CVE-2021-30639 Apache Tomcat DoS Mark Thomas
• [ANN] Apache Tomcat 8.5.69 available Christopher Schultz
• [ANN] Apache Tomcat 9.0.50 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.8 available Mark Thomas
• [ANN] Apache Tomcat 10.1.0-M2 (alpha) available Mark Thomas
• [ANN] Apache Tomcat 9.0.48 available Rémy Maucherat
• [ANN] Apache Tomcat 10.0.7 available Mark Thomas
• [ANN] Apache Tomcat 8.5.68 available Christopher Schultz
  • [ANN] Apache Tomcat 8.5.68 available Christopher Schultz
• [ANN] Apache Tomcat Native 1.2.30 released Mark Thomas
• [ANN] Apache Tomcat 8.5.66 available Mark Thomas
• [ANN] Apache Tomcat 9.0.46 available Mark Thomas
• [ANN] Apache Tomcat 10.0.6 available Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.0 Mark Thomas
• [ANN] Apache Tomcat 7.0.109 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.65 available Mark Thomas
• [ANN] Apache Tomcat 9.0.45 available Mark Thomas
• [ANN] Apache Tomcat 10.0.5 available Mark Thomas
• [ANN] Apache Tomcat Native 1.2.28 released Mark Thomas
• [ANN] Apache Tomcat 8.5.64 available Mark Thomas
• [ANN] Apache Tomcat 9.0.44 available Mark Thomas
• [ANN] Apache Tomcat 10.0.4 available Mark Thomas
• [SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) Mark Thomas
• [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up Mark Thomas
• [ANN] Apache Tomcat Migration tool for Jakarta EE 0.2.0 Mark Thomas
• [ANN] Apache Tomcat 7.0.108 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.63 available Mark Thomas
• [ANN] Apache Tomcat 9.0.43 available Mark Thomas
• [ANN] Apache Tomcat 10.0.2 available Mark Thomas
• [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure Mark Thomas
• [ANN] Apache Tomcat Native 1.2.26 released Mark Thomas
• [ANN] Apache Tomcat 8.5.61 available Mark Thomas
• [ANN] Apache Tomcat 9.0.41 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0 (beta) available Mark Thomas
• [SECURITY] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up Mark Thomas
  • Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up Mark Thomas
• [ANN] Apache Tomcat 7.0.107 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.60 available Mark Thomas
• [ANN] Apache Tomcat 9.0.40 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M10 available Mark Thomas
• [SECURITY] CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up Mark Thomas
• [ANN] Apache Tomcat 9.0.39 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M9 available Mark Thomas
• [ANN] Apache Tomcat 8.5.59 available Mark Thomas
• [ANN] Apache Tomcat 7.0.106 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.58 available Mark Thomas
• [ANN] Apache Tomcat 9.0.38 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M8 available Mark Thomas
• [ANN] Apache Tomcat Native 1.2.25 released Mark Thomas
• [SECURITY] CVE-2020-13935 Apache Tomcat WebSocket Denial of Service Mark Thomas
• [SECURITY] CVE-2020-13934 Apache Tomcat HTTP/2 Denial of Service Mark Thomas
• [ANN] Apache Tomcat 7.0.105 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.57 available Mark Thomas
• [ANN] Apache Tomcat 9.0.37 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M7 available Mark Thomas
• [SECURITY] CVE-2020-11996 Apache Tomcat HTTP/2 Denial of Service Mark Thomas
• [ANN] Apache Tomcat 8.5.56 available Mark Thomas
• [ANN] Apache Tomcat 9.0.36 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M6 available Mark Thomas
• [SECURITY] CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence Mark Thomas
• Apache Tomcat 7.0.104 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.55 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M5 available Mark Thomas
• [ANN] Apache Tomcat Native 1.2.24 released Mark Thomas
• [ANN] Apache Tomcat 8.5.54 available Mark Thomas
• [ANN] Apache Tomcat 9.0.34 available Mark Thomas
  • [ANN] Apache Tomcat 9.0.34 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M4 available Mark Thomas
• [ANN] Apache Tomcat 7.0.103 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.53 available Mark Thomas
• [ANN] Apache Tomcat 9.0.33 available Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M3 available Mark Thomas
• [ANN] Apache Tomcat Connectors 1.2.48 released Mark Thomas
• [ANN] End of life for Apache Tomcat 7.0.x Mark Thomas
• [ANN] Apache Tomcat 10.0.0-M1 available Mark Thomas
• [SECURITY] CVE-2020-1938 AJP Request Injection and potential Remote Code Execution Mark Thomas
• [SECURITY] CVE-2019-17569 HTTP Request Smuggling Mark Thomas
• [SECURITY] CVE-2020-1935 HTTP Request Smuggling Mark Thomas
• [ANN] Apache Tomcat 7.0.100 released Violeta Georgieva
• [ANN] Apache Tomcat 8.5.51 available Mark Thomas
• [ANN] Apache Tomcat 9.0.31 available Mark Thomas
• [ANN] Apache Tomcat 7.0.99 released Violeta Georgieva
• [SECURITY] CVE-2019-17563 Session fixation Mark Thomas
• [SECURITY] CVE-2019-12418 Local Privilege Escalation Mark Thomas
• [ANN] Apache Tomcat 8.5.50 available Mark Thomas
• [ANN] Apache Tomcat 9.0.30 available Mark Thomas
• [ANN] Apache Tomcat 8.5.49 available Mark Thomas
• [ANN] Apache Tomcat 9.0.29 available Mark Thomas

• Earlier messages