-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Konstantin,
On 12/30/11 3:53 PM, Konstantin Kolinko wrote: > 2011/12/30 Christopher Schultz <ch...@christopherschultz.net>: >> >> On 12/30/11 4:35 AM, Gadi Katsovich wrote: >>> I am using Tomcat 5.5.30 and am affected by the hashtable >>> collision DoS vulnerability. >> >> Just wondering: are you actually under attack, or are you just >> saying that you are vulnerable? >> >> I would venture a guess that most sites are currently vulnerable, >> as 7.0.23 as a somewhat recent release (and has a nasty bug which >> is easily corrected with trivial configuration) and 6.0.34 was >> never released. > > If you haven't noticed yet, there is 6.0.35. Sorry, I always forget that the website changelog is perpetually a version behind with release dates. :( - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7+JWIACgkQ9CaO5/Lv0PCOgQCeK1kAziwl+pyQVeuFKGmSwRuB 39AAnjU3xPmWb58hgFEED5h1vtsHjg6P =XH05 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
