Want to confirm fix of a security vulnerability

2012-03-09 Thread Jayant Sane


Pardon the re-post but I just wanted some kind of ack from the Tomcat dev team 
on the following. 
Has the Tomcat WAR deployment directory traversal... issue as detailed 
in http://securitytracker.com/id/1023504 been fixed in version 7.0.023? 
As I mentioned, the Apache security team won't comment on known security issues. 

many thanks,
Jayant
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Question about a known security vulnerability

2012-03-08 Thread Jayant Sane

Hello, 

This is in regard to the security vulnerability Tomcat WAR Deployment 
Directory Traversal Flaw May Cause Files to Be Deleted as detailed 
in http://securitytracker.com/id/1023504
Per the above, versions 5.5.0-5.5.28, 6.0.0-6.0.20 and possibly earlier 
versions were affected. 
Question: Does this affect version 7.0.23 and/or has it been confirmed fixed 
for v7.0.23?

The website security test tool we use reports this issue being present even in 
Tomcat version 7.0.23 so wanted to know.
I was told that I cannot post this question to the email address meant for 
reporting undisclosed security vulnerabilities and I understand. 
thanks in advance,
Jayant