« DigiCert is not DigiNotar | Main | Mitigating the Apache Range Header DoS on Ubuntu Apache 2.2 »


Apache Tomcat 7.0.21 Released

The Apache Tomcat team released version 7.0.21 today, which fixes some bugs and addresses some security issues.  Some of the more important changes in this release, which were summarized in the release announcement, include:

  • A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol.
  • Multiple additions and improvements to the memory leak detection/prevention features.
  • Improved validation of received AJP messages.

The changelog lists all of the changes in this release and you can download a copy from a mirror near you.


TrackBack URL for this entry:

Listed below are links to weblogs that reference Apache Tomcat 7.0.21 Released: