Bug 50325 - Update Tomcat to use JRE provided solutions for CVE-2009-3555 if available
Summary: Update Tomcat to use JRE provided solutions for CVE-2009-3555 if available
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 5
Classification: Unclassified
Component: Connector:HTTP (show other bugs)
Version: 5.5.32
Hardware: All All
: P2 enhancement (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-11-24 05:38 UTC by Mark Thomas
Modified: 2011-02-07 10:03 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Thomas 2010-11-24 05:38:15 UTC
See http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html for information on the Oracle provided features.

Need to review this to see what - if anything - we can do in Tomcat.
Comment 1 Mark Thomas 2011-01-31 18:46:25 UTC
Fixed in trunk and proposed for 6.0.x and 5.5.x
Comment 2 Konstantin Kolinko 2011-02-02 10:50:48 UTC
Fixed in 6.0, will be in 6.0.32.
Comment 3 Konstantin Kolinko 2011-02-07 10:03:13 UTC
Fixed in 5.5 with r1067949 and r1067950 and will be in 5.5.33.