Is there an ETA when a fix for this vulnerability will be released?
> From: [email protected] > Date: Thu, 20 Mar 2014 17:06:01 +0100 > Subject: Re: TomEE CVE-2014-0050 > To: [email protected] > > 7.0.47 > Romain Manni-Bucau > Twitter: @rmannibucau > Blog: http://rmannibucau.wordpress.com/ > LinkedIn: http://fr.linkedin.com/in/rmannibucau > Github: https://github.com/rmannibucau > > > > 2014-03-20 17:03 GMT+01:00 Parminder Singh <[email protected]>: > > What version of Tomcat do we get when we download TomEE plus from here: > > http://www.apache.org/dyn/closer.cgi/tomee/tomee-1.6.0/apache-tomee-1.6.0-plus.zip > > > >> From: [email protected] > >> Date: Thu, 20 Mar 2014 16:59:01 +0100 > >> Subject: Re: TomEE CVE-2014-0050 > >> To: [email protected] > >> > >> tomee uses tomcat 7.0.52 only on trunk > >> Romain Manni-Bucau > >> Twitter: @rmannibucau > >> Blog: http://rmannibucau.wordpress.com/ > >> LinkedIn: http://fr.linkedin.com/in/rmannibucau > >> Github: https://github.com/rmannibucau > >> > >> > >> > >> 2014-03-20 16:54 GMT+01:00 Parminder Singh <[email protected]>: > >> > What version of Tomcat is TomEE 1.6 based on? We need to upgrade to > >> > TomEE from Tomcat 7.0.52 but want to make sure that that the issue > >> > CVE-2014-0050 is not there in TomEE 1.6. > >> > > >
