On 20/06/2019 20:35, Amit Pande wrote:
> Could you please clarify:
>
> Affected versions 8.5.0 to 8.5.40
> Mitigation says: 8.5.40 or later
>
> What am I missing?
Nothing.
The affected versions are correct.
The mitigation is not. It should be 8.5.41 or later. I'll issue a
correction.
Thanks
Could you please clarify:
Affected versions 8.5.0 to 8.5.40
Mitigation says: 8.5.40 or later
What am I missing?
> On Jun 20, 2019, at 2:25 PM, Mark Thomas wrote:
>
> CVE-2019-10072 Apache Tomcat HTTP/2 DoS
>
> Severity: Important
>
> Vendor: The Apache Software Foundation
>
> Versions
