Hello Violeta, On the security vulnerability site https://tomcat.apache.org/security-7.html, issue CVE-2014-0050<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>is still reported to be fixed in 7.0.51, which is stated as "not yet released". I assume the fix is delivered in 7.0.52 as well, but the vulnerability page is not updated yet. Can you confirm this?
Thank you very much! Regards, Maarten 2014-02-19 13:10 GMT+01:00 Violeta Georgieva <miles...@gmail.com>: > The Apache Tomcat team announces the immediate availability of Apache > Tomcat 7.0.52. > > Apache Tomcat is an open source software implementation of the Java > Servlet, JavaServer Pages and Java Expression Language technologies. > > This release contains a number of bug fixes and improvements compared to > version 7.0.50. > > Please refer to the change log for the complete list of changes: > http://tomcat.apache.org/tomcat-7.0-doc/changelog.html > > Note: This version has 4 zip binaries: a generic one and > three bundled with Tomcat native binaries for Windows operating > systems running on different CPU architectures. > > Note: Use of the JSR-356 Java WebSocket 1.0 implementation requires Java 7. > > Note: If you use the APR/native AJP or HTTP connector you *must* upgrade > to version 1.1.29 or later of the APR/native library. > > Downloads: > http://tomcat.apache.org/download-70.cgi > > Migration guides from Apache Tomcat 5.5.x and 6.0.x: > http://tomcat.apache.org/migration.html >
