-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 3/15/16 5:19 AM, Mark Thomas wrote:
> This comes down to the threat scenarios in which Tomcat is intended
> to be secure. A vulnerability is, essentially, when an attacker is
> able to bypass that security in some way.
>
> Tomcat is not
On 14/03/2016 21:01, Christopher Schultz wrote:
> On 3/11/16 4:10 AM, Mark Thomas wrote:
>> On 11/03/2016 01:43, Christopher Schultz wrote:
>>> If you don't have any applications that have known problematic
>>> classes in them (such as the famous commons-collections bug),
>>> then you aren't
,
>>> and we found that we had the same problem with “deserialization
>>> vulnerability”.
>>
>>> How can I fix deserialization vulnerability in tomcat?
>>
>> If you don't have any applications that have known problematic
>> classes in them (suc
On 11/03/2016 01:43, Christopher Schultz wrote:
> 林慶龍,
>
> On 3/10/16 8:07 PM, 林慶龍 Barry Lin wrote:
>> These days, Everyone talks about the vulnerability in Tomcat, and
>> we found that we had the same problem with “deserialization
>> vulnerability”.
>
&g
2016-03-11 2:07 GMT+01:00 林慶龍 Barry Lin <u0124...@digiwin.biz>:
> Dears:
>
> These days, Everyone talks about the vulnerability in Tomcat, and we found
> that we had the same problem with “deserialization vulnerability”.
>
> How can I fix deserialization vulnerability in tom
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
林慶龍,
On 3/10/16 8:07 PM, 林慶龍 Barry Lin wrote:
> These days, Everyone talks about the vulnerability in Tomcat, and
> we found that we had the same problem with “deserialization
> vulnerability”.
>
> How can I fix deserializatio
Dears:
These days, Everyone talks about the vulnerability in Tomcat, and we found that
we had the same problem with “deserialization vulnerability”.
How can I fix deserialization vulnerability in tomcat?
Thanks for your help!
Best regard,
Barry Lin
鼎捷
(鼎新電腦股份有限公司、鼎誠資訊股份有限公司、鼎捷軟件股份有限公司及