Dave, By all means...go for it! ;-)
Jeff Dave Colasurdo wrote: > Jeff Genender wrote: >> >>> >>> Since Tomcat claims to fix this in v5.5.7, we may have to implement the >>> tactical solution in our apps till we move to Tomcat 5.5.7. >> >> >> We currently use 5.5.9, so I would assume this has been tended too. Has >> anybody examined this to be the case (or not)? >> > > Ran a quick test with various levels of Tomcat. The vulnerability was > fixed in Tomcat 5.5.7 though seems to have reared it's head again in > Tomcat 5.5.9 and 5.5.12. > > Jeff, Are you planning to pursue with the Tomcat folks or do I need to > post to their user mailing list? > > Thanks > -Dave- > >
