subject:"RE\: Apache Struts 2 Vulnerability in Tomcat 7.x"

RE: Apache Struts 2 Vulnerability in Tomcat 7.x

2017-09-08 Thread Billy Aung Myint

September, 2017 5:12 PM To: users@tomcat.apache.org Subject: Re: Apache Struts 2 Vulnerability in Tomcat 7.x Am 08.09.2017 um 10:59 schrieb Billy Aung Myint: > Hi Everyone, > > May I know if Tomcat 7.x version is affected by the Apache Struts 2 > vulnerability? > I mean does

Re: Apache Struts 2 Vulnerability in Tomcat 7.x

2017-09-08 Thread Mark Thomas

On 08/09/17 09:59, Billy Aung Myint wrote: > Hi Everyone, > > May I know if Tomcat 7.x version is affected by the Apache Struts 2 > vulnerability? Which one? I'm guessing you mean CVE-2017-9805. It actually doesn't matter in this case but security vulnerabilities are given identifiers exactly

Re: Apache Struts 2 Vulnerability in Tomcat 7.x

2017-09-08 Thread i...@flyingfischer.ch

Am 08.09.2017 um 10:59 schrieb Billy Aung Myint: > Hi Everyone, > > May I know if Tomcat 7.x version is affected by the Apache Struts 2 > vulnerability? > I mean does Tomcat uses any of the Struts' libraries or such in any part of > the Tomcat? > > Thanks! > Tomcat is affected by Tomcat