On 08/03/2012 21:49, Jayant Sane wrote: > > Hello, > > This is in regard to the security vulnerability "Tomcat WAR Deployment > Directory Traversal Flaw May Cause Files to Be Deleted" as detailed in > http://securitytracker.com/id/1023504 > Per the above, versions 5.5.0-5.5.28, 6.0.0-6.0.20 and possibly earlier > versions were affected. > Question: Does this affect version 7.0.23 and/or has it been confirmed fixed > for v7.0.23? > > The website security test tool we use reports this issue being present even > in Tomcat version 7.0.23 so wanted to know. I
Is the tool saying that the issue has been detected in 7.0.23 upwards, or that it was fixed in 7.0.24? p > I was told that I cannot post this question to the email address meant for > reporting undisclosed security vulnerabilities and I understand. > thanks in advance,Jayant > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > -- [key:62590808]
signature.asc
Description: OpenPGP digital signature