You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Remy Maucherat <re...@apache.org> on 2002/12/19 22:11:15 UTC
[ANN] Security update: Apache Tomcat 4.1.18 released
Tomcat 4.1.18 has just been released, and includes a fix for an object
recylcing bug which could be exploited by a denial of service attack.
The bug was introduced in Tomcat 4.1.16 Beta, and is still present in
Tomcat 4.1.17 Stable. The release also includes a fix for SSL handling
in the JK connector.
Binary Downloads:
http://jakarta.apache.org/site/binindex.cgi
Source downloads:
http://jakarta.apache.org/site/sourceindex.cgi
Remy
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
[ANN] Apache Tomcat 4.1.24 Stable released
Posted by Remy Maucherat <re...@apache.org>.
The Tomcat Team announces the immediate availability of Apache Tomcat
4.1.24 Stable.
Tomcat 4.1.24 includes bugfixes and reliability improvements over Tomcat
4.1.18. Please see the release notes for a complete list of the changes.
This release addresses the following security issues:
- Denial of service affecting the use of SSL with the standalone
HTTP/1.1 connector.
- Thread safety flaw in the session recycling code, which could lead to
two or more users sharing the same session, under rare circumstances.
- JDBC session store thread safety fixes.
Binary Downloads:
http://jakarta.apache.org/site/binindex.cgi
Source downloads:
http://jakarta.apache.org/site/sourceindex.cgi
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: announcements-unsubscribe@jakarta.apache.org
For additional commands, e-mail: announcements-help@jakarta.apache.org
[ANN] Apache Tomcat 4.1.24 Stable released
Posted by Remy Maucherat <re...@apache.org>.
The Tomcat Team announces the immediate availability of Apache Tomcat
4.1.24 Stable.
Tomcat 4.1.24 includes bugfixes and reliability improvements over Tomcat
4.1.18. Please see the release notes for a complete list of the changes.
This release addresses the following security issues:
- Denial of service affecting the use of SSL with the standalone
HTTP/1.1 connector.
- Thread safety flaw in the session recycling code, which could lead to
two or more users sharing the same session, under rare circumstances.
- JDBC session store thread safety fixes.
Binary Downloads:
http://jakarta.apache.org/site/binindex.cgi
Source downloads:
http://jakarta.apache.org/site/sourceindex.cgi
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
[ANN] Apache Tomcat 4.1.24 Stable released
Posted by Remy Maucherat <re...@apache.org>.
The Tomcat Team announces the immediate availability of Apache Tomcat
4.1.24 Stable.
Tomcat 4.1.24 includes bugfixes and reliability improvements over Tomcat
4.1.18. Please see the release notes for a complete list of the changes.
This release addresses the following security issues:
- Denial of service affecting the use of SSL with the standalone
HTTP/1.1 connector.
- Thread safety flaw in the session recycling code, which could lead to
two or more users sharing the same session, under rare circumstances.
- JDBC session store thread safety fixes.
Binary Downloads:
http://jakarta.apache.org/site/binindex.cgi
Source downloads:
http://jakarta.apache.org/site/sourceindex.cgi
Remy
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org