TomcatExpert

Apache Tomcat 7.0.40 released

posted by mthomas on May 13, 2013 05:10 AM

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.40.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Apache Tomcat is an open source software implementation of the Java Servlet, JavaServer Pages and Java Expression Language technologies.

This release contains a security fix and a number of bug fixes and improvements compared to version 7.0.39. The notable changes include:

  • A fix for CVE-2013-2071 (bug 54178) an informatio disclosure issue.
  • Various fixes to stop Tomcat attempting to parse text that looks like an EL expression in a JSP document as an EL expression when EL expressions are either not permitted or not enabled.
  • Improved handling and reporting if a ConcurrentModificationException occurs while checking for memory leaks when a web application is being stopped.

 

Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note: This version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Note: If you use the APR/native AJP or HTTP connector you *must* upgrade to version 1.1.24 or later of the AJP/native library and it is recommended that you upgrade to 1.1.27

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guides from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Register for the tomcat-announce email list to receive Apache announcements directly.

Mark Thomas is a Senior Software Engineer for the SpringSource Division of VMware, Inc. (NYSE: VMW). Mark has been using and developing Tomcat for over six years. He first got involved in the development of Tomcat when he needed better control over the SSL configuration than was available at the time. After fixing that first bug, he started working his way through the remaining Tomcat bugs and is still going. Along the way Mark has become a Tomcat committer and PMC member, volunteered to be the Tomcat 4 & 7 release manager, created the Tomcat security pages, become a member of the ASF and joined the Apache Security Committee. He also helps maintain the ASF's Bugzilla instances. Mark has a MEng in Electronic and Electrical Engineering from the University of Birmingham, United Kingdom.

Comments

It was a well written

It was a well written introduction about Apache Tomcat and its latest versions. The plugin seems to fail while working on with earlier java script formats. Thank you for the detailed article here. Good post. The best thing was that you have given the link for Apache Tomcat 5.5.x and 6.0.x download. It was useful.
view site

Post new comment

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.