openbsd-ports/www/jakarta-tomcat
reinhard d31aa12fa4 SECURITY update to v4.0.6
A security vulnerability has been confirmed to exist in Apache Tomcat
4.0.x releases (including Tomcat 4.0.5), which allows to use a specially
crafted URL to return the unprocessed source of a JSP page, or, under
special circumstances, a static resource which would otherwise have been
protected by security constraint, without the need for being properly
authenticated. This is based on a variant of the exploit that was
disclosed on 09/24/2002.
2002-10-11 14:36:21 +00:00
..
v3 fix $JAVA_HOME; thx & ok brad@ 2002-04-04 11:28:39 +00:00
v4 SECURITY update to v4.0.6 2002-10-11 14:36:21 +00:00
Makefile split port into version 3 and 4 2002-01-05 15:24:46 +00:00