Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-08-21 Thread 加治屋 一輝
ll be limited by limit_requestbody.conf. Is my understanding correct? 差出人: Mark Thomas 送信日時: 2025年8月5日 17:09 宛先: users@tomcat.apache.org 件名: Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected On 0

Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-08-05 Thread Mark Thomas
名: Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected On 25/07/2025 03:42, 加治屋 一輝 wrote: Specifically, the following point is unclear to us: The advisory mentions "unlikely configurations of multipart upload.&qu

Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-08-04 Thread 加治屋 一輝
差出人: Mark Thomas 送信日時: 2025年7月25日 15:40 宛先: users@tomcat.apache.org 件名: Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected On 25/07/2025 03:42, 加治屋 一輝 wrote: > Specifically, the follo

Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-08-04 Thread 加治屋 一輝
@tomcat.apache.org 件名: Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected On 25/07/2025 03:42, 加治屋 一輝 wrote: > Specifically, the following point is unclear to us: >The advisory mentions "unlikely configurations of mul

Re: [SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-07-24 Thread Mark Thomas
On 25/07/2025 03:42, 加治屋 一輝 wrote: Specifically, the following point is unclear to us: The advisory mentions "unlikely configurations of multipart upload." Could you please specify what types of configurations are considered "unlikely" and would therefore be affected by this vulnerability

[SECURITY INQUIRY] CVE-2025-52520: Regarding "Unlikely Configurations of Multipart Upload" that are Affected

2025-07-24 Thread 加治屋 一輝
My name is kazu. I am writing to seek clarification regarding a recently published security vulnerability that affects Apache Tomcat. I am writing to seek clarification regarding a recently published security vulnerability that affects Apache Tomcat. We have reviewed the official security adviso

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-08 Thread Christopher Schultz
g. -chris From: Mark Thomas Date: Sunday, 7 July 2024 at 2:05 AM To: users@tomcat.apache.org Subject: Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version [You don't often get email from ma...@apache.org. Learn why this is important at https://aka.ms/LearnAboutSenderIde

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-08 Thread Michael Osipov
ght now, compile from sources. M > From: Mark Thomas > Date: Sunday, 7 July 2024 at 2:05 AM > To: users@tomcat.apache.org > Subject: Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 > Version > [You don't often get email from ma...@apache.org. Learn why

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-07 Thread Zhong, Peyton
From: Mark Thomas Date: Sunday, 7 July 2024 at 2:05 AM To: users@tomcat.apache.org Subject: Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version [You don't often get email from ma...@apache.org. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-07 Thread Zhong, Peyton
Chris, thanks for your comprehensive explanation about these various mitigation measures. Best regards, Peyton Zhong From: Christopher Schultz Date: Sunday, 7 July 2024 at 1:23 AM To: users@tomcat.apache.org Subject: Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-06 Thread Mark Thomas
On 06/07/2024 05:08, Zhong, Peyton wrote: Dear Tomcat Community, I am writing to inquire about the potential impact of the recently detected critical vulnerability: CVE-2024-5535 (9.1 CRITICAL / CVSS v3), in OpenSSL 3.0.13 on the Tomcat 10.1.20 v

Re: Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-06 Thread Christopher Schultz
Peyton, On 7/6/24 00:08, Zhong, Peyton wrote: I am writing to inquire about the potential impact of the recently detected critical vulnerability: CVE-2024-5535 (9.1 CRITICAL / CVSS v3), in OpenSSL 3.0.13 on the Tomcat 10.1.20 version. According

Inquiry about CVE-2024-5535 Vulnerability in Tomcat 10.1.20 Version

2024-07-05 Thread Zhong, Peyton
Dear Tomcat Community, I am writing to inquire about the potential impact of the recently detected critical vulnerability: CVE-2024-5535 (9.1 CRITICAL / CVSS v3), in OpenSSL 3.0.13 on the Tomcat 10.1.20 version. According to Black Duck Binary Ana

Re: Tomcat graceful shutdown inquiry

2016-06-28 Thread Coty Sutherland
Fantastic. Thanks! :) On Tue, Jun 28, 2016 at 2:43 PM, Mark Thomas wrote: > On 28/06/2016 19:39, Coty Sutherland wrote: >> Hello all, >> >> I've been poking around with the Fedora distribution of tomcat and >> noticed that systemd isn't allowing tomcat to gracefully shutdown (it >> sends an immed

Re: Tomcat graceful shutdown inquiry

2016-06-28 Thread Mark Thomas
On 28/06/2016 19:39, Coty Sutherland wrote: > Hello all, > > I've been poking around with the Fedora distribution of tomcat and > noticed that systemd isn't allowing tomcat to gracefully shutdown (it > sends an immediate SIGKILL after the Boostrap stop is called). That > isn't your issue, but in t

Tomcat graceful shutdown inquiry

2016-06-28 Thread Coty Sutherland
Hello all, I've been poking around with the Fedora distribution of tomcat and noticed that systemd isn't allowing tomcat to gracefully shutdown (it sends an immediate SIGKILL after the Boostrap stop is called). That isn't your issue, but in trying to mediate the issue so that session persistence w

Re: Inquiry

2008-03-12 Thread Martin Gainty
we could answer your inquiry if you can get someone to translate your request best regards Martin - Original Message - From: "Weng Hon Wong" <[EMAIL PROTECTED]> To: Sent: Tuesday, March 11, 2008 11:20 PM Subject: Inquiry Hi, Can monit help to monitor and restart

Re: Inquiry

2008-03-11 Thread cool gak
hi, i have downloaded the appserver on my laptop,but i am unadle to run the apache server on my lap. could u please help me out. On Tue, Mar 11, 2008 at 9:20 PM, Weng Hon Wong <[EMAIL PROTECTED]> wrote: > Hi, > > > > Can monit help to monitor and restart IF apache tomcat 5.5.25 is down? > I'm

Inquiry

2008-03-11 Thread Weng Hon Wong
Hi, Can monit help to monitor and restart IF apache tomcat 5.5.25 is down? I'm running on openSUSE 10.2. What are the criteria? Please advise. Thanks. Regards, Weng Hon

Re: Tomcat randomly hangs [SECOND INQUIRY]

2007-01-25 Thread Leon Rosenberg
you shouldn't hijack threads, please start a new one. However, one quick shot: 2.4 kernel usually doesn't have nptl support, which means that you can maximum have something like 500 threads in tomcat (depending on how many other threads exist in your app). Another question, is it a et64 xeon? if s