Aditi Sinha <adisinha0...@gmail.com> wrote:
>We are using Tomcat 7.0.32 in our application. During a security scan >CVE-2012-5568 was reported. > >Is there a configuration which can help us prevent this vulnerability? > >I went through the http://tomcat.apache.org/security-7.html but could >not >find any detail on the same. There is lots if information in the archives on this. This bugzilla issue is probably the best place to start: https://issues.apache.org/bugzilla/show_bug.cgi?id=54263 We could think about adding some info on this under the "Not a vulnerability in Tomcat" section on the security pages. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
