2017-05-11 17:21 GMT+03:00 Pesonen, Harri <harri.peso...@sap.com>: > > Hello, > > the following lists Tomcat versions 8.5.0 – 8.5.12, does it mean that the problem has been fixed in 8.5.13 and later?
yes http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.13 Regards, Violeta > > > > https://nvd.nist.gov/vuln/detail/CVE-2017-5651 > > > > I assume that it has been fixed, as 8.5.13 readme has: > > > > 60918: Fix sendfile processing error that could lead to subsequent requests experiencing an IllegalStateException. (markt) > Improve sendfile handling when requests are pipelined. (markt) > > > > -Harri
