Tomcat behind httpd, with Let's Encrypt and Certbot

2020-08-14 Thread James H. H. Lampert
Now (as John Cleese would say) for something completely different. I've got my independent Tomcat and httpd servers on the development box (the Amazon Linux "Not 2" instance) successfully obtaining, using and (I hope) auto-renewing a Let's Encrypt cert via Lego. (I'll know more on September 6th

ApacheCon @ Home Tomcat Track Schedule

2020-08-14 Thread Christopher Schultz
All, I'm happy to announce that the Apache Tomcat track schedule has been posted for ApacheCon @ Home, our virtual conference to replace "ApacheCon North America 2020". If you use social media to discuss this event, please use #ACAH2020 and tag @apa

Re: CVE reporting discrepancies

2020-08-14 Thread Mark Thomas
On 14/08/2020 12:24, Nic P wrote: > Mark - per NIST this CVE is listed as impact to tomcat > https://nvd.nist.gov/vuln/detail/CVE-2016-5388 which is how we came to find > evidence for audit on the version where this was remediated. As per that description: ...this is not a CVE ID for a vulnerabili

Re: CVE reporting discrepancies

2020-08-14 Thread Nic P
Mark - per NIST this CVE is listed as impact to tomcat https://nvd.nist.gov/vuln/detail/CVE-2016-5388 which is how we came to find evidence for audit on the version where this was remediated. On Fri, Aug 14, 2020 at 4:15 AM Mark Thomas wrote: > On 13/08/2020 20:52, Nic P wrote: > > Hi > > > > Ca

Re: CVE reporting discrepancies

2020-08-14 Thread Mark Thomas
On 13/08/2020 20:52, Nic P wrote: > Hi > > Can anyone help me understand why some CVEs show in the changelog but not > on the security report? > > Example is CVE-2016-5388 which shows as fixed in 8.0.37 changelog but > missing on the security report. > > This has come up in an audit and hard to