« 01 August 2003 - Commons HttpClient 2.0 Release Candidate 1 Released | Main | 05 August 2003 - Apache Geronimo -- participation in Apache J2EE efforts »

August 01, 2003

01 August 2003 - Tomcat 4.1.27 Stable Released

The Tomcat Team announces the immediate availability of Apache Tomcat 4.1.27 Stable. Among other bugfixes and improvements, Tomcat 4.1.27 includes security fixes for:

Improper recycling of SSL client certificates with Coyote JK 2
Improper handling of invalid content lengths in requests, causing HTTP processors to be left in an invalid state in Coyote HTTP/1.1, causing a DoS condition
URI normalization bug in Coyote
Improper handling of certain URLs in Coyote JK 2, causing a DoS condition

---- Posted by Tetsuya Kitahata at August 1, 2003 07:48 AM
http://www.apachenews.org/archives/000147.html
[ Category : Apache Jakarta ] (PDF)(XML)