From owner-freebsd-java Mon Sep 30 5:12:54 2002 Delivered-To: freebsd-java@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD16437B401; Mon, 30 Sep 2002 05:12:53 -0700 (PDT) Received: from procyon.firepipe.net (procyon.firepipe.net [198.78.66.151]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B85643E86; Mon, 30 Sep 2002 05:12:53 -0700 (PDT) (envelope-from will@csociety.org) Received: by procyon.firepipe.net (Postfix, from userid 1000) id B618B23E09; Mon, 30 Sep 2002 05:11:04 -0700 (PDT) Date: Mon, 30 Sep 2002 05:11:04 -0700 From: Will Andrews To: Ernst de Haan Cc: portmgr@FreeBSD.org, java@FreeBSD.org Subject: Re: Jakarta Tomcat 4.x security updates! Message-ID: <20020930121104.GA69627@procyon.firepipe.net> References: <200209300856.35582.znerd@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200209300856.35582.znerd@FreeBSD.org> User-Agent: Mutt/1.4i Sender: owner-freebsd-java@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Sep 30, 2002 at 08:56:35AM +0200, Ernst de Haan wrote: > There is now a known security flaw in both Tomcat 4.0.x and 4.1.x. I have > created some patches and I would like to commit them before the release tag > is laid down. > > I've created PR's for this: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=43503 > http://www.freebsd.org/cgi/query-pr.cgi?pr=43504 > > Please approve/disapprove. If a patch fixes a security issue, there should be no reason not to commit it during the ports freeze. regards, -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-java" in the body of the message