...
tar.gz (pgp, md5, sha1) <-- click on 'md5' to get the key that should match when you execute md5sum <filename>.
| Notices From announce@tomcat.apache.org |
|---|
| 6Jun2017 Security notice received from announce@tomcat.apache.org. Subject: CVE-2017-5664 Apache Tomcat Security Constraint Bypass. |
Tomcat 9.0
- 14Jun2016 - apache-tomcat-9.0.0.M8.tar.gz from http://tomcat.apache.org/download-90.cgi#9.0.0.M8
- apache-tomcat-9.0.0.M8-deployer.tar.gz from http://tomcat.apache.org/download-90.cgi#9.0.0.M8
- Made softlink apache-tomcat-9.0 points to apache-tomcat-9.0.0.M8
- 14Mar2017 http://tomcat.apache.org/download-90.cgi#9.0.0.M18 9.0.0.M18 and deployer. Checksum matched.
- 6Jun2017 downloaded apache-tomcat-9.0.0.M21.tar.gz from http://tomcat.apache.org/download-90.cgi#9.0.0.M21. Checksum ok
...
apache-tomcat-8.0.15
Tomcat 7.0
6Jun2017 Security notice received from announce@tomcat.apache.org. Subject: CVE-2017-5664 Apache Tomcat Security Constraint Bypass.
- 6Jun2017 downloaded apache-tomcat-7.0.78.tar.gz from http://tomcat.apache.org/download-70.cgi. Checksum ok.
...