> From: Baron Fujimoto [mailto:ba...@hawaii.edu] > Subject: Re: [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload
> I haven't seen an announcement for 8.0.47, nor does the Apache Tomcat > website seem to reference it yet, but it appears to be available in the > distribution archive(s). E.g.: > <http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.47/bin/> > Is this 8.0.47 blessed for use? Pretty much - the voting process completed over the weekend (it passed), but the announcement isn't made until the mirrors all catch up. Should be fine to use from the archive. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
smime.p7s
Description: S/MIME cryptographic signature