2011/11/5 Brendan P Keenan <bkee...@csc.com>: > > It has been identified to me by our security group that my Apache Tomcat > 6.0.33 has the following vulnerability CVE-2011-3190. There is a link on > the Apache Tomcat 6.0 Security page to > http://svn.apache.org/viewvc?view=revision&revision=1162959 as a patch. > > (...) > > Do I add those directories to apply the patch. >
Have you read the first section at the top of that Tomcat 6 security page? http://tomcat.apache.org/security-6.html#Apache_Tomcat_6.x_vulnerabilities Regarding those three files that you mentioned: That is "ViewVC" program that displays Subversion repository that contains the source code. That page shows what files were changed in revision #1162959 and what the differences were. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
