Re: Invoke methods in EL?

2017-04-10 Thread Tim Watts
Thanks Mark. That does help. On Mon, 2017-04-10 at 23:24 +0100, Mark Thomas wrote: > On 10/04/17 16:35, Tim Watts wrote: > > Environment: Tomcat 7.0.59; JRE 1.8.0_72 > > > > I suspect the answer to my problem is "You can't do that" but here goes: > > > > A simple JSP that tries to get a

Re: Invoke methods in EL?

2017-04-10 Thread Mark Thomas
On 10/04/17 16:35, Tim Watts wrote: > Environment: Tomcat 7.0.59; JRE 1.8.0_72 > > I suspect the answer to my problem is "You can't do that" but here goes: > > A simple JSP that tries to get a Calendar instance and outputs the year: > > <%@ page language="java" > contentType="text/html; >

Re: [SECURITY] CVE-2017-5647 Apache Tomcat Information Disclosure

2017-04-10 Thread Mark Thomas
On 10/04/17 20:41, Stefan Mayr wrote: > Hi, > > On 10.04.2017 at 21:14, Mark Thomas wrote: >> CVE-2017-5647 Apache Tomcat Information Disclosure >> >> Severity: Important >> >> Vendor: The Apache Software Foundation >> >> Versions Affected: >> Apache Tomcat 9.0.0.M1 to 9.0.0.M18 >> Apache Tomcat

Re: [SECURITY] CVE-2017-5647 Apache Tomcat Information Disclosure

2017-04-10 Thread Stefan Mayr
Hi, On 10.04.2017 at 21:14, Mark Thomas wrote: > CVE-2017-5647 Apache Tomcat Information Disclosure > > Severity: Important > > Vendor: The Apache Software Foundation > > Versions Affected: > Apache Tomcat 9.0.0.M1 to 9.0.0.M18 > Apache Tomcat 8.5.0 to 8.5.12 > Apache Tomcat 8.0.0.RC1 to

Using Log4J2 2.8 (via the 1.2 API Bridge) for Tomcat8 Internal Logging - RollingFileAppender does not (cannot?) create new Log File

2017-04-10 Thread Ankit Agarwal
Hi, I’m using Log4J2 (2.8) via the 1.2 API Bridge for Tomcat 8 internal logging. I followed the instructions here: https://tomcat.apache.org/tomcat-8.0-doc/logging.html#Using_Log4j - With the exception that I also copied the

[SECURITY] CVE-2017-5648 Apache Tomcat Information Disclosure

2017-04-10 Thread Mark Thomas
CVE-2017-5648 Apache Tomcat Information Disclosure Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.0.M17 Apache Tomcat 8.5.0 to 8.5.11 Apache Tomcat 8.0.0.RC1 to 8.0.41 Apache Tomcat 7.0.0 to 7.0.75 Apache Tomcat 6.0.x is not affected

[SECURITY] CVE-2017-5647 Apache Tomcat Information Disclosure

2017-04-10 Thread Mark Thomas
CVE-2017-5647 Apache Tomcat Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.0.M18 Apache Tomcat 8.5.0 to 8.5.12 Apache Tomcat 8.0.0.RC1 to 8.0.42 Apache Tomcat 7.0.0 to 7.0.76 Apache Tomcat 6.0.0 to 6.0.52

[SECURITY] CVE-2017-5650 Apache Tomcat Denial of Service

2017-04-10 Thread Mark Thomas
CVE-2017-5650 Apache Tomcat Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.0.M18 Apache Tomcat 8.5.0 to 8.5.12 Apache Tomcat 8.0.x and earlier are not affected Description The handling of an HTTP/2 GOAWAY frame for

[SECURITY] CVE-2017-5651 Apache Tomcat Information Disclosure

2017-04-10 Thread Mark Thomas
CVE-2017-5651 Apache Tomcat Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.0.M18 Apache Tomcat 8.5.0 to 8.5.12 Apache Tomcat 8.0.x and earlier are not affected Description: The refactoring of the HTTP

Invoke methods in EL?

2017-04-10 Thread Tim Watts
Environment: Tomcat 7.0.59; JRE 1.8.0_72 I suspect the answer to my problem is "You can't do that" but here goes: A simple JSP that tries to get a Calendar instance and outputs the year: <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ taglib