Date: Thu, 7 Aug 2003 21:30:11 -0700 (PDT) From: "Kang Liu" <lazykang@hotmail.com> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/55362: update ports/www/jakarta-tomcat41 to 4.1.27 Message-ID: <200308080430.h784UBUR065601@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/55362; it has been noted by GNATS. From: "Kang Liu" <lazykang@hotmail.com> To: freebsd-gnats-submit@FreeBSD.org Cc: znerd@FreeBSD.org Subject: Re: ports/55362: update ports/www/jakarta-tomcat41 to 4.1.27 Date: Fri, 08 Aug 2003 12:29:34 +0800 As it is said in tomcat's changelog, it is a security update. Tomcat 4.1.27 includes security fixes for: *Improper recycling of SSL client certificates with Coyote JK 2 *Improper handling of invalid content lengths in requests, causing HTTP processors to be left in an invalid state in Coyote HTTP/1.1, causing a DoS condition *URI normalization bug in Coyote *Improper handling of certain URLs in Coyote JK 2, causing a DoS condition. _________________________________________________________________ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308080430.h784UBUR065601>