357493 – Dependency on Tomcat 7.0.21

Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 357493 - Dependency on Tomcat 7.0.21

Summary: Dependency on Tomcat 7.0.21

Status:	CLOSED FIXED

Alias:	None

Product:	Gemini.Web
Classification:	RT
Component:	unknown (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	Project Inbox
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2011-09-13 10:00 EDT by Violeta Georgieva
Modified:	2011-09-13 11:15 EDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Violeta Georgieva

2011-09-13 10:00:38 EDT

See https://dev.eclipse.org/ipzilla/show_bug.cgi?id=5539

Comment 1 Wayne Beaton

2011-09-13 11:15:50 EDT

The CQ indicates that it was opened due to "security vulnerabilities in Tomcat 7.0.12". Are any Gemini Web consumers subject to those security vulnerabilities? I assume yes, since the 2.0 includes the problematic 7.0.12.

At a minimum, this bug's title should be changed to reflect the nature of the vulnerability, comments added to describe the problem, and the 'security' keyword added.