+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned
+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned
+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned
+---+
| Bugzilla Bug ID |
| +-+
| | Status: UNC=Unconfirmed NEW=New ASS=Assigned
https://issues.apache.org/bugzilla/show_bug.cgi?id=45106
Mark Thomas [EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |RESOLVED
[EMAIL PROTECTED] wrote:
Author: mturk
Date: Fri May 30 04:25:04 2008
New Revision: 661653
URL: http://svn.apache.org/viewvc?rev=661653view=rev
Log:
Add note to changelog about BZ45071
Modified:
tomcat/connectors/trunk/jni/xdocs/miscellaneous/changelog.xml
Thanks I missed the file name
Mladen Turk wrote:
jean-frederic clere wrote:
[EMAIL PROTECTED] wrote:
Author: mturk
Date: Mon May 26 05:42:11 2008
New Revision: 660175
URL: http://svn.apache.org/viewvc?rev=660175view=rev
Log:
Fix 45071 by updating ttl for signaled but not removed sockets
Modified:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45108
Julian Reschke [EMAIL PROTECTED] changed:
What|Removed |Added
CC||[EMAIL
https://issues.apache.org/bugzilla/show_bug.cgi?id=45108
--- Comment #4 from Julian Reschke [EMAIL PROTECTED] 2008-06-02 05:09:28 PST
---
Ampersands in content need to be escaped, both in HTML and XML.
This isn't even a validity, but an XML-wellformedness error.
--
Configure bugmail:
https://issues.apache.org/bugzilla/show_bug.cgi?id=45102
Mark Thomas [EMAIL PROTECTED] changed:
What|Removed |Added
Status|NEW |NEEDINFO
---
https://issues.apache.org/bugzilla/show_bug.cgi?id=45108
Simon Gibbs [EMAIL PROTECTED] changed:
What|Removed |Added
Status|RESOLVED|REOPENED
Author: markt
Date: Mon Jun 2 14:41:28 2008
New Revision: 662582
URL: http://svn.apache.org/viewvc?rev=662582view=rev
Log:
Fix potential XSS in host-manager.
This is CVE-2008-1947.
Modified:
tomcat/trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
Modified:
Author: markt
Date: Mon Jun 2 14:41:36 2008
New Revision: 662583
URL: http://svn.apache.org/viewvc?rev=662583view=rev
Log:
Fix potential XSS in host-manager.
This is CVE-2008-1947.
Modified:
Author: markt
Date: Mon Jun 2 14:42:03 2008
New Revision: 662584
URL: http://svn.apache.org/viewvc?rev=662584view=rev
Log:
Document potential XSS in host-manager.
This is CVE-2008-1947.
Modified:
tomcat/site/trunk/docs/security-5.html
tomcat/site/trunk/docs/security-6.html
Author: markt
Date: Mon Jun 2 14:44:22 2008
New Revision: 662585
URL: http://svn.apache.org/viewvc?rev=662585view=rev
Log:
Fix potential XSS in host-manager.
This is CVE-2008-1947.
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
Modified:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2008-1947: Tomcat host-manager XSS vulnerability
Severity: Low
Vendor: The Apache Software Foundation
Versions Affected:
Tomcat 5.5.9 to 5.5.26
Tomcat 6.0.0 to 6.0.16
This issue has been fixed in the source repositories for each version and
16 matches
Mail list logo
