On Sat, Jun 30, 2018 at 04:24:24PM +0200, Markus Koschany wrote:
> Am 30.06.2018 um 04:00 schrieb Roberto C. Sánchez:
> [...]
> > Comments and suggestions are most welcome.
>
> I would suggest to fix the open CVE via patches for now. Being EOL does
> not necessarily mean that we cannot backport fi
Am 30.06.2018 um 04:00 schrieb Roberto C. Sánchez:
[...]
> Comments and suggestions are most welcome.
I would suggest to fix the open CVE via patches for now. Being EOL does
not necessarily mean that we cannot backport fixes from the 8.5 branch
but at some point upgrading from 8.x to 8.5 might be
I am working on tomcat8 to address the two currently outstanding CVEs.
After I approached him for some guidance, Markus Koschany pointed out
that upstream has made an [END OF LIFE] announcement for Tomcat 8.0.
Support ends on 30th June.
The patches for the two currently outsanding CVEs apply relat
