Pier Fumagalli wrote: > They come up every now and then... That's why Costin wanted that > all-private for your eyes only noone who is not cross checked with the FBI > gets in security mailing list, right?...
Wrong. The list is for all tomcat committers - and all security information will be posted after the fix is done. The list is created - and will hopefully be used next time a security problem is found. > Ehemm... With 24 pages of vulnerability notes? Ha.. Hahaha.... Hahahaha! > :-) Again ? There are 24 results - not 24 pages of results. And if you go down the page - many are not in tomcat. Try the same thing for apache. Yes - any code may have vulnerabilities, and the more code you have, the more bugs you'll have. We can only do our best so that our code has fewer bugs - but that shouldn't stop us from distributing the code we write ( i.e. tomcat and jasper ). Costin -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>