This content has been marked as final.
Show 2 replies
-
1. Re: JBOSS 3.2.1: JSP source code disclosure
marc_schoenefeld May 30, 2003 11:08 AM (in response to marc_schoenefeld)just tested the new Jetty 4.2.9, which does not seem to be vulnerable, so the error (or is it a design feature) seems to be somewhere in a gluecode class....
-
2. Re: JBOSS 3.2.1: JSP source code disclosure
gregwilkins Jun 2, 2003 5:31 AM (in response to marc_schoenefeld)The problem was accidentally (re)introduced in Jetty 4.2.10pre0, which has been copied to the JBoss CVS.
It is fixed in 4.2.10pre1 and the patch will shortly be in JBoss CVS.