On Thu, November 28, 2013 5:15 pm, kanishk.se...@accenture.com wrote: > Hi All, >
Hi Kanishhk, > We are using Apache tomcat version 6.0.26 and we need to install below > patches on our servers to fix some Vulnerabilities. > > http://svn.apache.org/viewvc?view=revision&revision=958911 > http://svn.apache.org/viewvc?view=revision&revision=958977 > http://svn.apache.org/viewvc?view=revision&revision=959428 > http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151 > http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2012-05-584&actionBtn=Search Is the Apache tomcat instance you are using bundled with the applications above (from HP, Juniper)? If so, you should get an updated release from those vendors, as they should have bundled a higher version of Tomcat that resolves the issues. You can cross-check your list of CVE vulnerabilities against Tomcat versions at this page: http://tomcat.apache.org/security.html Looks like 6.0.37 is the latest version of Tomcat 6. Cheers, Ben --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
