Thanks Andre If an upgrade we will bump up to Tomcat 9 if this is a stable release
-----Original Message----- From: André Warnier (tomcat) [mailto:a...@ice-sa.com] Sent: Thursday, April 28, 2016 1:24 PM To: users@tomcat.apache.org Subject: Re: Apache Tomcat Vulnerabilities On 28.04.2016 21:48, Taylor, Larry wrote: > Hello, > > I am using Tomcat Version: apache-tomcat-7.0.50 That version dates back to 2014. The latest version in that branch is 7.0.69 See : http://tomcat.apache.org/download-70.cgi > OS: Red Hat Enterprise Linux Server release 6.5 (Santiago) 64bit > > Issue: There were 2 vulnerabilities found and need to know if there > are configurations or patches available Maybe, see above. The Tomcat project does not provide any patches. It is recommended instead, to download and install the latest version. See : http://tomcat.apache.org/security.html Please upgrade to the latest version, and report again if the vulnerabilities which you mention are still there. If you wish, you can also check the ChangeLog (http://tomcat.apache.org/tomcat-7.0-doc/changelog.html) between version 7.0.50 and 7.0.69, to see if you find something related to your enquiry. <snip /> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org