Tomcat Security Holes - Forced Upgrades

Posted Oct. 01, 2002 by: burnside

Tomcat 3.2.x, 3.3.x, and 4.0.1 - 4.0.4 have a hole in them that allows people to view the source of your JSP files. We're planning an upgrade en-masse Tuesday Oct 1 at 11:00 PM PST.