On Tuesday 14 August 2007 18:52:22 Christopher Schultz wrote: > Mark, > > Mark Thomas wrote: > > CVE-2007-3382: Handling of cookies containing a ' character > > > > Versions Affected: > > 5.5.0 to 5.5.24 > > Since 5.5.24 isn't yet released, will an upcoming 5.5.24 release include > > a fix for this problem given: > > Mitigation: > > Upgrade to 6.0.14 > > ?
Are Tomcat developers being trying to be funny? Suggested fix for a security bug is a version jump? *sigh* /ismail -- Perfect is the enemy of good _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
