You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2011/09/02 10:51:38 UTC
[ANN] Apache Tomcat 7.0.21 released
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 7.0.21
Apache Tomcat 7.0.21 includes security fixes, bug fixes and new features
compared to version 7.0.20 including:
- A fix for CVE-2011-3190 that allowed an attacker to inject requests
when Tomcat was configured behind a reverse proxy using the AJP protocol.
- Multiple additions and improvements to the memory leak
detection/prevention features.
- Improved validation of received AJP messages.
Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note that this version has 4 zip binaries: a generic one and three
bundled with Tomcat native binaries for Windows operating systems
running on different CPU architectures.
Downloads:
http://tomcat.apache.org/download-70.cgi
Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html
Thank you,
-- The Apache Tomcat Team
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [ANN] Apache Tomcat 7.0.21 released
Posted by ma...@apache.org.
Konstantin Kolinko <kn...@gmail.com> wrote:
>2011/9/2 Mark Thomas <ma...@apache.org>:
>> The Apache Tomcat team announces the immediate availability of Apache
>> Tomcat 7.0.21
>>
>> Apache Tomcat 7.0.21 includes security fixes, bug fixes and new
>features
>> compared to version 7.0.20 including:
>> - A fix for CVE-2011-3190 that allowed an attacker to inject requests
>> when Tomcat was configured behind a reverse proxy using the AJP
>protocol.
>> - Multiple additions and improvements to the memory leak
>> detection/prevention features.
>> - Improved validation of received AJP messages.
>>
>> Please refer to the change log for the complete list of changes:
>> http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
>>
>>(...)
>
>I uploaded 7.0.21 docs and added version number in Bugzilla.
>The docs should be online in an hour, as usual.
>
>Have a nice day!
>
>Best regards,
>Konstantin Kolinko
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: dev-help@tomcat.apache.org
Thanks for doing that.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [ANN] Apache Tomcat 7.0.21 released
Posted by Konstantin Kolinko <kn...@gmail.com>.
2011/9/2 Mark Thomas <ma...@apache.org>:
> The Apache Tomcat team announces the immediate availability of Apache
> Tomcat 7.0.21
>
> Apache Tomcat 7.0.21 includes security fixes, bug fixes and new features
> compared to version 7.0.20 including:
> - A fix for CVE-2011-3190 that allowed an attacker to inject requests
> when Tomcat was configured behind a reverse proxy using the AJP protocol.
> - Multiple additions and improvements to the memory leak
> detection/prevention features.
> - Improved validation of received AJP messages.
>
> Please refer to the change log for the complete list of changes:
> http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
>
>(...)
I uploaded 7.0.21 docs and added version number in Bugzilla.
The docs should be online in an hour, as usual.
Have a nice day!
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org