On 26/06/2020 13:35, Kasteleijn, Wilco wrote:
> Hello, we would like to know if this vulnerability is only applicable for 
> usage of the coyote http connector?

It only applies when using the HTTP/2 protocol. That is only available
with an HTTP connector.

> We are using Tomcat 8.5.55 in combination with a apache HTTPD proxy setup 
> that is connected via the AJP connector. Are we also affected in that case?

No. AJP is not affected.


> Regards, Wilco.
> This message contains confidential or privileged information and is intended 
> only for the individual named. If you have received it by mistake, please let 
> us know by e-mail reply and delete it from your system; you may not copy this 
> message or disclose its contents to anyone. Please note that any views or 
> opinions presented in this email are solely those of the author and do not 
> necessarily represent those of the company. Nothing in this email is intended 
> to bind Elemica, Inc., which only operates under the terms of written 
> agreements signed by an authorized officer. E-mail transmission cannot be 
> guaranteed to be secure or error-free as information could be intercepted, 
> corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. 
> The sender therefore does not accept liability for any errors or omissions in 
> the contents of this message, which arise as a result of e-mail transmission.
> Disclaimer
> The information contained in this communication from the sender is 
> confidential. It is intended solely for use by the recipient and others 
> authorized to receive it. If you are not the recipient, you are hereby 
> notified that any disclosure, copying, distribution or taking action in 
> relation of the contents of this information is strictly prohibited and may 
> be unlawful.
> This email has been scanned for viruses and malware, and may have been 
> automatically archived by Mimecast Ltd, an innovator in Software as a Service 
> (SaaS) for business. Providing a safer and more useful place for your human 
> generated data. Specializing in; Security, archiving and compliance. To find 
> out more visit the Mimecast website.

To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to