[Bug 1178645] Re: tomcat7 needs update to 7.0.40
H.-Dirk Schmitt
dirk at computer42.org
Fri May 10 12:02:55 UTC 2013
** Description changed:
The new version has some more security fixed, which are not part of 7.0.34 (and .39).
Also a backport to precise [quantal, ...] is needed.
+
+ See announcement mail:
+ -----------------------
+
+ The Apache Tomcat team announces the immediate availability of Apache
+ Tomcat 7.0.40.
+
+ Apache Tomcat is an open source software implementation of the Java
+ Servlet, JavaServer Pages and Java Expression Language technologies.
+
+ This release contains a security fix and a number of bug fixes
+ and improvements compared to version 7.0.39. The notable changes include:
+ - A fix for CVE-2013-2071 (bug <bug>54178</bug>) an informatio
+ disclosure issue.
+ - Various fixes to stop Tomcat attempting to parse text that looks like
+ an EL expression in a JSP document as an EL expression when EL
+ expressions are either not permitted or not enabled.
+ - Improved handling and reporting if a ConcurrentModificationException
+ occurs while checking for memory leaks when a web application is
+ being stopped.
+
+ Please refer to the change log for the complete list of changes:
+ http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
** Tags added: precise quantal raring
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1178645
Title:
tomcat7 needs update to 7.0.40
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1178645/+subscriptions
More information about the Ubuntu-server-bugs
mailing list