Roger that, thanks
On Thu, Oct 18, 2018, 9:38 AM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Alex,
>
> On 10/18/18 11:08, Alex O'Ree wrote:
> > Basically. I start with the tomcat distro, apply my changes, then
> > zip it up
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alex,
On 10/18/18 11:08, Alex O'Ree wrote:
> Basically. I start with the tomcat distro, apply my changes, then
> zip it up and distribute. I'm at a situation when patches are
> preferable over a complete reinstall of my product thus the
> inquiry.
Basically. I start with the tomcat distro, apply my changes, then zip it
up and distribute. I'm at a situation when patches are preferable over a
complete reinstall of my product thus the inquiry. I can probably just
replace all the tomcat bits and be done with it.
On Thu, Oct 18, 2018, 8:52 AM
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alex,
On 10/14/18 18:06, Alex O'Ree wrote:
> Is there perhaps a patch that can be applied or better yet, a list
> of jars that are were affected by this? (I'm just trying to find a
> simple way to patch a large volume of servers)
There is nothing o
Is there perhaps a patch that can be applied or better yet, a list of jars
that are were affected by this? (I'm just trying to find a simple way to
patch a large volume of servers)
On Wed, Oct 10, 2018 at 10:23 AM Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark and Michael,
On 10/10/18 05:15, Mark Thomas wrote:
> On 08/10/18 21:55, Michael Yoder wrote:
>> On Wed, Oct 3, 2018 at 12:50 PM Mark Thomas
>> wrote:
>>> CVE-2018-11784 Apache Tomcat - Open Redirect
>>
>> Is it possible to get more informatio
On 08/10/18 21:55, Michael Yoder wrote:
> On Wed, Oct 3, 2018 at 12:50 PM Mark Thomas wrote:
>> CVE-2018-11784 Apache Tomcat - Open Redirect
>
> Is it possible to get more information on the "specially crafted URL"?
> I'd like more information so that I can test if some of our apps are
> vulnera
On Wed, Oct 3, 2018 at 12:50 PM Mark Thomas wrote:
> CVE-2018-11784 Apache Tomcat - Open Redirect
Is it possible to get more information on the "specially crafted URL"?
I'd like more information so that I can test if some of our apps are
vulnerable.
In addition, I'd like to verify that the valu
CVE-2018-11784 Apache Tomcat - Open Redirect
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
Apache Tomcat 9.0.0.M1 to 9.0.11
Apache Tomcat 8.5.0 to 8.5.33
Apache Tomcat 7.0.23 to 7.0.90
The unsupported 8.0.x release line has not been analysed but is likely
to be aff