Author: markt Revision: 1380829 Modified property: svn:log Modified: svn:log at Mon Nov 5 23:04:08 2012 ------------------------------------------------------------------------------ --- svn:log (original) +++ svn:log Mon Nov 5 23:04:08 2012 @@ -1 +1,3 @@ Various improvements to the DIGEST authenticator including <bug>52954</bug>, the disabling caching of an authenticated user in the session by default, tracking server rather than client nonces and better handling of stale nonce values. + +This fixed CVE-2012-3439 Apache Tomcat DIGEST authentication weaknesses
--------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
