Re: Hints on upgrading from 6.0.14 to 6.0.18 on production server

;%=[^%]*"|<\w+:[^>]+='[^<']*<%=[^%]*' Enjoy, Brian From: Alan Chaney To: Tomcat Users List Sent: Monday, December 29, 2008 11:54:56 AM Subject: Hints on upgrading from 6.0.14 to 6.0.18 on production server Hi I have a 6.0.14 running with Apr 1.1.10 and

Re: Hints on upgrading from 6.0.14 to 6.0.18 on production server

Or stop using APR... but that in itself is quite a lot of work as I'll have to reconfigure my SSL. Hmm... Gregor Schneider wrote: If I'm not mistaken, the APR has caused the bug, and 6.0.16 contains a new version of the APR. Since this usually comes as a source, you'll have to re-compile t

Re: Hints on upgrading from 6.0.14 to 6.0.18 on production server

If I'm not mistaken, the APR has caused the bug, and 6.0.16 contains a new version of the APR. Since this usually comes as a source, you'll have to re-compile the APR. Cheers Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B31

Hints on upgrading from 6.0.14 to 6.0.18 on production server

Hi I have a 6.0.14 running with Apr 1.1.10 and I seem to be seeing instances of CVE-2007-6286: Tomcat duplicate request processing vulnerability (64-Bit Server VM (build 1.6.0_03-b05, mixed mode) (Centos 5.0 - Linux 2.6.18-8.el5 x86_64 ) The obvious thing to do is to upgrade from 6.0.14 to