Apache Traffic Server v5.3.1 Released
The Apache Software Foundation and the Apache Traffic Server project
are pleased to announce the release of Apache Traffic Server v5.3.1!
This is our second stable release in the 5.3.x LTS branch, and is
immediately available for download at:
http://trafficserver.apache.org/downloads
Upgrading from 5.x should be seamless. Upgrading from the previous
releases, 3.2.0 and later, to v5.3.1 should preserve the cache and not
require it to be cleared. More details are available at:
https://cwiki.apache.org/confluence/display/TS/Upgrading+to+v5.0
This release is primarily bug fixes. For a list of what’s changed in this
release, please see
https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x
For a list of all JIRA’s for this release, please see
https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327092&projectId=12310963
Of special note are two fixes for CVE-2015-3249 that effect the HTTP/2
experimental feature in Apache Traffic Server 5.3.0. They are both DOS
attacks and can be avoided by simply disabling HTTP/2 or upgrading to this
release.
5.3.x will be the last minor version in the 5.x release and is a Long Term
Support (LTS) release.
Sincerely,
-- The Apache Traffic Server community
