kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/www/jakarta-tomcat4/distinfo
Ernst de Haan 2d0baff5f5 Upgrade to Tomcat 4.0.6, released on 9 October 2002. From the 
News & Status page:

	A security vulnerability has been confirmed to exist in
	Apache Tomcat 4.0.x releases (including Tomcat 4.0.5),
	which allows to use a specially crafted URL to return the
	unprocessed source of a JSP page, or, under special
	circumstances, a static resource which would otherwise have been
	protected by security constraint, without the need for being
	properly authenticated.  This is based on a variant of the
	exploit that was disclosed on
	09/24/2002.

See:
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.6/RELEASE-NOTES
2002-10-10 22:51:09 +00:00

1 line
69 B
Text
Raw Blame History

MD5 (jakarta-tomcat-4.0.6.tar.gz) = 643f334059afa719a3d0bc1b04ac7504
Reference in a new issue View git blame Copy permalink