Chris - (I just did a reply in Outlook and this is how it got packaged. Didn't look that way to me, but got it that way on the send-back. Either Exchange or my email filter - which adds the confidentialiy footer - did this.)
I figured it was only with the regular. Just wanted a clarification in case some folks were thinking it applied to the native libraries (APR). I've noticed a lot of folks confuse the two on this list. Also it was a slight prompt to the original poster that perhaps he should install the native libraries when he does finally go to 6.x. IIRC, they are not available to 4.x. Jeff -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Jeff, (Strange... to me, your message looked like an attachment to the security notice that would typically be put at the end of a message. When I tried to reply to that, all the characters got all wonky. At least coy-paste still works :) On 8/12/2009 10:51 AM, Jeffrey Janner wrote: > Just to clarify some things: This CVE only applies to the default > SSL connector functionality. It doesn't apply to the APR/OpenSSL > connector. Correct? I would guess not, since APR uses openssl which has its own default set of ciphers. On the other hand, Tomcat could override the default set of ciphers when configuring APR at runtime. ******************************* NOTICE ********************************* This message is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by reply or by telephone (call us collect at 512-343-9100) and immediately delete this message and all its attachments.