AnsweredAssumed Answered

Does the Tomcat software really reached its end of life?

Question asked by Stéphane Depont on Oct 23, 2014



I wonder why Qualys always report my redhat servers as vulnerable to "EOL/Obsolete Software: Apache Tomcat 5.5.x Detected". Yes, Tomcat 5.5 reached its end of life a long time ago, however, redhat is still providing security fix for this software.

In my opinion, it is not relevant to mark it as a vulnerability flaw. What do you think?