Apache Tomcat 7.0.40 发布,Java Servlet容器
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.40.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages and Java Expression Language technologies.
This release contains a security fix and a number of bug fixes and improvements compared to version 7.0.39. The notable changes include:
- A fix for CVE-2013-2071 (bug 54178) an informatio disclosure issue.
- Various fixes to stop Tomcat attempting to parse text that looks like an EL expression in a JSP document as an EL expression when EL expressions are either not permitted or not enabled.
- Improved handling and reporting if a ConcurrentModificationException occurs while checking for memory leaks when a web application is being stopped.
Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note: This version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
Note: If you use the APR/native AJP or HTTP connector you *must* upgrade to version 1.1.24 or later of the AJP/native library and it is recommended that you upgrade to 1.1.27
Downloads:
http://tomcat.apache.org/download-70.cgi
Migration guides from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html
Thank you,
-- The Apache Tomcat Team