> On Jun 29, 2015, at 10:56 PM, Phil Sorber <sor...@apache.org> wrote: > > Hello All, > > I've prepared a release for v5.3.1 (RC0) which is the latest stable release > in the 5.3.x series. This is the second release in our Long Term Support > (LTS) version as detailed in our Release Management document: > > https://cwiki.apache.org/confluence/display/TS/Release+Management > > Changes since 5.3.0: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327092&projectId=12310963 > > Of special note are two fixes for CVE-2015-3249 that effect the HTTP/2 > experimental feature in Apache Traffic Server 5.3.0. They are both DOS > attacks and can be avoided by simply disabling HTTP/2 or upgrading.
Tested on CentOS7 and Fedora 20. Signatures validates. +1. — Leif
