Thanks Chris. Do you know when 6.0.34 version of Tomcat will be available for download?
Best Regards, Shanti Client Automation | HP Software -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Friday, September 16, 2011 11:02 PM To: Tomcat Users List Subject: Re: Availability of Apache Tomcat 6.0.34? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Shanti, On 9/15/2011 4:21 AM, Yajnik, Shanti wrote: > Does anyone know when the fix for the specific vulnerability: > CVE-2011-3190 will be available for the 6.0.33 version of Apache > Tomcat? The Tomcat team does not release binary patches, so there will never be a "fix available for 6.0.33". Instead, you will either have to wait for 6.0.34 to become available, or download the source code from subversion and compile it yourself. If you want to create your own 6.0.33 + fix-for-CVE-2011-3190, you'll need to get the 6.0.33 tag and then manually merge-in the relevant commits for that bug, then recompile everything. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5ziAIACgkQ9CaO5/Lv0PCK+QCdEUvoqK1oPOY0ZsX42AsWAuL5 eR0AoKhm2/vul13vjQ60w/Vyyf6nmw85 =gInY -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
