Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

> Sorry, I thought that got answered. Yes, Nacho give me the answer a little time later ;-) Thanks to him since I was afraid to have broken something. > Sounds good! Thanks, prepare room on the server ;-)

Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

Gomez Henri wrote: > I've asked some days ago about the 'Attic ?'... > Sorry, I thought that got answered. The "attic" is CVS's way of dealing with files that are on one branch of a repository, but not another -- or cases where you deleted a file, but you might want to go back to a previously t

Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

> This raises an interesting policy issue that should be discussed. > In short, I think that packaging additional docs and fixes with your > 3.2.1 RPMs > is very misleading to Tomcat users, because what you get is *not* the > same as > what the "official" packages contain. I've added ajp13 multi

Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

GOMEZ Henri wrote: > >* This release fixes ***only*** the identified security > >vulnerabilities. > > It does not address any of the other bugs, or feature > >requests, related > > to Tomcat 3.2 final. These issues will be dealt with in future > > maintenance releases of Tomcat 3.2 as appropr

RE: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

>* This release fixes ***only*** the identified security >vulnerabilities. > It does not address any of the other bugs, or feature >requests, related > to Tomcat 3.2 final. These issues will be dealt with in future > maintenance releases of Tomcat 3.2 as appropriate. > Not totally true sinc

Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

het Craig - sorry to be dense - but what are the "appropriate contents" that should be replaced by 3.2.1? Is this just the various jar's in /lib? -- Wishing you an "OOBA OOBA" Y2K Horace...once known as "Kicker" :-) =

Re: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

Aron Kramlik wrote: > Has there been a definitive list of these security problems with > TC 3.1 or TC 3.2? > The definitive lists of what vulnerabilities were fixed are in the release notes document for each version (file "doc/readme" in the download). Subscribers to TOMCAT-DEV also saw the CVS

RE: [ANNOUNCEMENT] Security Related Updates - Tomcat 3.1.1 and Tomcat 3.2.1

Has there been a definitive list of these security problems with TC 3.1 or TC 3.2? What are the "appropriate contents" of the $TOMCAT_HOME directory that I need to replace for both TC 3.1 and TC 3.2? Aron Kramlik. -Original Message- From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]