Re: Requesting as I had been agreed to commit from a contributor role

2024-03-13 Thread koteswara Rao Gundapaneni
> HI Tomcat PMC, > > Please ensure I had showing my interest as a committer as I have been > passed my contribution status from a range of having said that few > contributions > > regards, > Koteswararao >

[SECURITY] CVE-2024-23672 Apache Tomcat - Denial of Service

2024-03-13 Thread Mark Thomas
CVE-2024-23672 Apache Tomcat - Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.0-M16 Apache Tomcat 10.1.0-M1 to 10.1.18 Apache Tomcat 9.0.0-M1 to 9.0.85 Apache Tomcat 8.5.0 to 8.5.98 Description: It was possible

[SECURITY] CVE-2024-24549 Apache Tomcat - Denial of Service

2024-03-13 Thread Mark Thomas
CVE-2024-24549 Apache Tomcat - Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.0-M16 Apache Tomcat 10.1.0-M1 to 10.1.18 Apache Tomcat 9.0.0-M1 to 9.0.85 Apache Tomcat 8.5.0 to 8.5.98 Description: When processing

svn commit: r1916277 - in /tomcat/site/trunk: docs/security-10.html docs/security-11.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-11.xml xdocs/security-8.xml xdo

2024-03-13 Thread markt
Author: markt Date: Wed Mar 13 15:41:32 2024 New Revision: 1916277 URL: http://svn.apache.org/viewvc?rev=1916277&view=rev Log: Add CVE-2024-23672 and CVE-2024-24549 Modified: tomcat/site/trunk/docs/security-10.html tomcat/site/trunk/docs/security-11.html

Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-13 Thread Mark Thomas
On 13/03/2024 14:38, Rémy Maucherat wrote: wrote: 1. A longer default nag-duration That's a good start. If it is meant to be enabled by default, I would like a value that is long enough so that it is almost certain there's an issue. 2 years ? Rémy 2. Add an explicit "disable" (e.g.

Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-13 Thread Rémy Maucherat
On Wed, Mar 13, 2024 at 2:55 PM Christopher Schultz wrote: > > Rémy, > > On 3/12/24 12:05, Rémy Maucherat wrote: > > On Tue, Mar 12, 2024 at 3:02 PM Christopher Schultz > > wrote: > >> > >> Mark, > >> > >> On 3/12/24 05:00, Mark Thomas wrote: > >>> On 11/03/2024 21:38, schu...@apache.org wrote: >

Re: (tomcat) 02/02: Add checking for the age of the Tomcat version running and warn if it's getting old.

2024-03-13 Thread Christopher Schultz
Rémy, On 3/12/24 12:05, Rémy Maucherat wrote: On Tue, Mar 12, 2024 at 3:02 PM Christopher Schultz wrote: Mark, On 3/12/24 05:00, Mark Thomas wrote: On 11/03/2024 21:38, schu...@apache.org wrote: This is an automated email from the ASF dual-hosted git repository. schultz pushed a commit

(tomcat) branch 8.5.x updated: Correctly handle tag libraries packaged in JARs in a WAR deployment

2024-03-13 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/8.5.x by this push: new 0675222e36 Correctly handle tag libraries packaged

(tomcat) branch 9.0.x updated: Correctly handle tag libraries packaged in JARs in a WAR deployment

2024-03-13 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/9.0.x by this push: new bf302b226b Correctly handle tag libraries packaged

(tomcat) branch 10.1.x updated: Correctly handle tag libraries packaged in JARs in a WAR deployment

2024-03-13 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/10.1.x by this push: new f159cd54c1 Correctly handle tag libraries

(tomcat) branch main updated: Correctly handle tag libraries packaged in JARs in a WAR deployment

2024-03-13 Thread markt
This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git The following commit(s) were added to refs/heads/main by this push: new 459c12275f Correctly handle tag libraries packaged

Re: [VOTE] Release Apache Tomcat 9.0.87

2024-03-13 Thread Mark Thomas
On 11/03/2024 11:09, Rémy Maucherat wrote: The proposed 9.0.87 release is: [ ] -1, Broken - do not release [X] +1, Stable - go ahead and release as 9.0.87 Tests pass on Linux, Windows and MacOS (M1). I'm currently unable to test on Intel MacOS due to security software recently installed by