The Apache Tomcat team released Tomcat 7.0.42. Some of the more notable changes in this release include:
- Add support for time to first byte in the AccessLogValve. Patch provided by Jeremy Boynes.
- Correct a regression introduced in 7.0.39 (refactoring of base 64 encoding and decoding) that broke the JNDI Realm when userPassword was set and passwords were hashed with MD5 or SHA1.
- Ensure that the build process produces Javadoc that is not vulnerable to CVE-2013-1571. Based on a patch by Uwe Schindler. .
A full list of fixes and improvements are available in the Tomcat 7 changelog. As usual, you can download Tomcat 7.0.42 source and binaries from a mirror near you.