[ANN] Apache Tomcat 7.0.42 released

[Mark Thomas <ma...@apache.org>]

The Apache Tomcat team announces the immediate availability of Apache
Tomcat 7.0.42.

Apache Tomcat is an open source software implementation of the Java
Servlet, JavaServer Pages and Java Expression Language technologies.

This release contains a number of bug fixes and improvements compared to
version 7.0.41. The notable changes include:
- Add support for time to first byte in the AccessLogValve. Patch
  provided by Jeremy Boynes.
- Correct a regression introduced in 7.0.39 (refactoring of base 64
  encoding and decoding) that broke the JNDI Realm when userPassword
  was set and passwords were hashed with MD5 or SHA1.
- Ensure that the build process produces Javadoc that is not vulnerable
  to CVE-2013-1571. Based on a patch by Uwe Schindler.

Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note: This version has 4 zip binaries: a generic one and three
      bundled with Tomcat native binaries for Windows operating systems
      running on different CPU architectures.

Note: If you use the APR/native AJP or HTTP connector you *must* upgrade
      to version 1.1.24 or later of the AJP/native library and it is
      recommended that you upgrade to 1.1.27

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guides from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org