Skip to main content
Joe Rybacek
Joe Rybacek
Inspiring
April 28, 2016
Answered

Does Adobe have a timeline for providing a hotfix for TomCat 7.0.68

  • April 28, 2016
  • 2 replies
  • 465 views

I can upgrade Tomcat myself, but that approach isn't documented and isn't likely to be supported by Adobe.

Tomcat is bundled as part of ColdFusion 11, previously Adobe has provided a hotfix to upgrade Tomcat.  Is this something on your roadmap?

Tomcat 7.0.68 fixes the following issues:

    Moderate: CSRF token leak CVE-2015-5351

    Moderate: Security Manager bypass CVE-2016-0714

    Moderate: Security Manager bypass CVE-2016-0763

This topic has been closed for replies.
Correct answer ImmanuelNoel

Joe,

I can confirm Tomcat is updated to 7.0.68 in CF 11 Update 8, and will be out very soon.

Regards,

Immanuel

2 replies

I
ImmanuelNoelCorrect answer
Participating Frequently
April 29, 2016

Joe,

I can confirm Tomcat is updated to 7.0.68 in CF 11 Update 8, and will be out very soon.

Regards,

Immanuel

H
haxtbh
Inspiring
April 28, 2016

This is supposedly being fixed in CF 11 Update 8. There is no ETA on the update but it is "just around the corner"

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices