[Info-vax] Apache Tomcat (was: Re: gSOAP (was: Re: SAMBA and Ransomeware))
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Tue Jul 25 19:41:24 EDT 2017
On 2017-07-24 19:51:02 +0000, Stephen Hoffman said:
> On 2017-07-12 14:48:40 +0000, Neil Rieck said:
>
>> I posted my worry about SAMBA a few weeks back but just noticed this
>> blurb today.
CVE-2017-5664 "Apache Tomcat Security Constraint Bypass"
https://nvd.nist.gov/vuln/detail/CVE-2017-5664
https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E
The Tomcat version available for OpenVMS is effected by this. Sites
running Tomcat will want to have a look at the details within their
specific environments.
Haven't looked around to see what else happened between the HPE 7.0-29
version and the VSI 7.0-29B version and the Apache Tomcat 7.0.78
version, or some other and more recent current Tomcat version.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list