Apache Tomcat 7.0.21 available at JVM Host!Published: 05/09/2011
The Apache Tomcat Project is proud to announce the release of version 7.0.21 of Apache Tomcat. This release includes security fixes, bug fixes and new features compared to version 7.0.20 including:
- A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol.
- Multiple additionals and improvements to the memory leak detection/prevention features.
- Improved validation of received AJP messages.
Full details of these changes, and all the other changes, are available in the Tomcat 7 changelog.