The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.21
Apache Tomcat 7.0.21 includes security fixes, bug fixes and new features compared to version 7.0.20 including: - A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol. - Multiple additions and improvements to the memory leak detection/prevention features. - Improved validation of received AJP messages. Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-7.0-doc/changelog.html Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures. Downloads: http://tomcat.apache.org/download-70.cgi Migration guide from Apache Tomcat 5.5.x and 6.0.x: http://tomcat.apache.org/migration.html Thank you, -- The Apache Tomcat Team --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org