Bug 50325

Summary: Update Tomcat to use JRE provided solutions for CVE-2009-3555 if available
Product: Tomcat 5 Reporter: Mark Thomas <markt>
Component: Connector:HTTPAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED    
Severity: enhancement    
Priority: P2    
Version: 5.5.32   
Target Milestone: ---   
Hardware: All   
OS: All   

Description Mark Thomas 2010-11-24 05:38:15 UTC 
See http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html for information on the Oracle provided features.

Need to review this to see what - if anything - we can do in Tomcat.
Comment 1 Mark Thomas 2011-01-31 18:46:25 UTC 
Fixed in trunk and proposed for 6.0.x and 5.5.x
Comment 2 Konstantin Kolinko 2011-02-02 10:50:48 UTC 
Fixed in 6.0, will be in 6.0.32.
Comment 3 Konstantin Kolinko 2011-02-07 10:03:13 UTC 
Fixed in 5.5 with r1067949 and r1067950 and will be in 5.5.33.