ports/55362: update ports/www/jakarta-tomcat41 to 4.1.27
lazykang at hotmail.com
Fri Aug 8 04:30:12 UTC 2003
The following reply was made to PR ports/55362; it has been noted by GNATS.
From: "Kang Liu" <lazykang at hotmail.com>
To: freebsd-gnats-submit at FreeBSD.org
Cc: znerd at FreeBSD.org
Subject: Re: ports/55362: update ports/www/jakarta-tomcat41 to 4.1.27
Date: Fri, 08 Aug 2003 12:29:34 +0800
As it is said in tomcat's changelog, it is a security update.
Tomcat 4.1.27 includes security fixes for:
*Improper recycling of SSL client certificates with Coyote JK 2
*Improper handling of invalid content lengths in requests, causing HTTP
processors to be left in an invalid state in Coyote HTTP/1.1, causing a DoS
*URI normalization bug in Coyote
*Improper handling of certain URLs in Coyote JK 2, causing a DoS condition.
The new MSN 8: smart spam protection and 2 months FREE*
More information about the freebsd-ports-bugs