Per the link for the fix for Tomcat vulnerabilities, the vulnerable versions are 8.16.0 and below, and the fix version is 8.17.0. Does that mean 8.16.1 is also a fix?
No, the fix version is 8.17, so lower versions will generally not contain the fix (or may not even have the problem)
The exception is the long-term-releases (8.5 and 8.13) - their point releases may get retro-fixes to enable people to stay on them for longer.
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events