Looks like it is fixed. http://tomcat.apache.org/security-4.html
Better confirm though.. Mary >>> "li.weijie" <[EMAIL PROTECTED]> 12/17/07 2:47 PM >>> HI, I'm a user of tomcat4.1.24. I knew that the version with the vulnerability problem of CVE-2007-1355 . But I don't know how to fix it. I want to know whether the version of 4.1.36(stable) could be downloaded from http://tomcat.apache.org/download-41.cgi has already fixed the problem. If not , how can i get a safety version? Need your help! --------------------------------- 天生购物狂,狂抢购物券,你还等什么!
