« DigiCert is not DigiNotar | Main | Mitigating the Apache Range Header DoS on Ubuntu Apache 2.2 »

09/02/2011

Apache Tomcat 7.0.21 Released

The Apache Tomcat team released version 7.0.21 today, which fixes some bugs and addresses some security issues.  Some of the more important changes in this release, which were summarized in the release announcement, include:

  • A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol.
  • Multiple additions and improvements to the memory leak detection/prevention features.
  • Improved validation of received AJP messages.

The changelog lists all of the changes in this release and you can download a copy from a mirror near you.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01156fbc6fe6970c0153913d47dd970b

Listed below are links to weblogs that reference Apache Tomcat 7.0.21 Released:

Comments