subject:"\[SECURITY\] CVE\-2008\-1947\: Tomcat host\-manager XSS vulnerability"

Re: [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability

2008-07-14 Thread Mark Thomas

Eric Hawkes wrote: Hi, This issue has been fixed ... in 5.5.27 and 6.0.17. It is anticipated that these versions will be released shortly. It's been about six weeks. Is there any further information on when Tomcat 5.5.27 will be released? Thanks, Eric No plans as yet. From past exp

RE: [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability

2008-07-14 Thread Eric Hawkes

Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Monday, June 02, 2008 2:46 PM To: Tomcat Users List; Tomcat Developers List; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2008-1947:

[SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability

2008-06-02 Thread Mark Thomas

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE-2008-1947: Tomcat host-manager XSS vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.26 Tomcat 6.0.0 to 6.0.16 This issue has been fixed in the source repositories for each version and wi