** Description changed: The new version has some more security fixed, which are not part of 7.0.34 (and .39). Also a backport to precise [quantal, ...] is needed. + + See announcement mail: + ----------------------- + + The Apache Tomcat team announces the immediate availability of Apache + Tomcat 7.0.40. + + Apache Tomcat is an open source software implementation of the Java + Servlet, JavaServer Pages and Java Expression Language technologies. + + This release contains a security fix and a number of bug fixes + and improvements compared to version 7.0.39. The notable changes include: + - A fix for CVE-2013-2071 (bug <bug>54178</bug>) an informatio + disclosure issue. + - Various fixes to stop Tomcat attempting to parse text that looks like + an EL expression in a JSP document as an EL expression when EL + expressions are either not permitted or not enabled. + - Improved handling and reporting if a ConcurrentModificationException + occurs while checking for memory leaks when a web application is + being stopped. + + Please refer to the change log for the complete list of changes: + http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
** Tags added: precise quantal raring -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat7 in Ubuntu. https://bugs.launchpad.net/bugs/1178645 Title: tomcat7 needs update to 7.0.40 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1178645/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs